Moderate 2,854 High 1,910 Critical 793 Low 320

com.liferay.portal:release.dxp.bom 24 com.fasterxml.jackson.core:jackson-databind 24 net.mingsoft:ms-mcms 19 org.jenkins-ci.main:jenkins-core 19 org.apache.dubbo:dubbo 13 org.xwiki.platform:xwiki-platform-oldcore 12 org.apache.struts:struts2-core 12 com.liferay.portal:release.portal.bom 11 org.xwiki.platform:xwiki-platform-web-templates 10 org.xwiki.platform:xwiki-platform-administration-ui 8 org.apache.shiro:shiro-core 6 org.apache.inlong:manager-pojo 6 org.jeecgframework.boot:jeecg-boot-common 6 org.jeecgframework.boot:jeecg-boot-parent 5 org.jenkins-ci.plugins:script-security 5 org.xwiki.commons:xwiki-commons-xml 5 org.xwiki.platform:xwiki-platform-web 5 org.apache.openmeetings:openmeetings-parent 5 org.apache.kylin:kylin-server-base 4 org.eclipse.jetty:jetty-server 4 org.apache.solr:solr-core 4 ai.h2o:h2o-core 4 org.xwiki.platform:xwiki-platform-flamingo-skin-resources 4 org.xwiki.platform:xwiki-platform-search-ui 4 org.apache.tapestry:tapestry-core 4 org.cloudfoundry.identity:cloudfoundry-identity-server 4 org.apache.ignite:ignite-core 4 org.apache.tomcat.embed:tomcat-embed-core 4 org.xwiki.platform:xwiki-platform-appwithinminutes-ui 4 org.apache.inlong:manager-service 4 org.jeecgframework.boot:jeecg-boot-base-core 4 org.apache.tomcat:tomcat-catalina 4 org.apache.activemq:activemq-client 4 net.opentsdb:opentsdb 4 com.alibaba:dubbo 3 io.dataease:dataease-plugin-common 3 org.jeecgframework.boot:jeecg-module-system 3 org.zenframework.z8.dependencies.commons:log4j-1.2.17 3 com.hazelcast:hazelcast 3 edu.stanford.nlp:stanford-corenlp 3 org.keycloak:keycloak-core 3 org.jenkins-ci.plugins.workflow:workflow-cps 3 io.undertow:undertow-core 3 org.xwiki.platform:xwiki-platform-panels-ui 3 org.apache.any23:apache-any23 3 org.apache.linkis:linkis 3 org.jenkins-ci.plugins:active-directory 3 org.apache.hadoop:hadoop-common 3 ro.pippo:pippo-core 3 org.richfaces:richfaces-core 3 org.apache.ranger:ranger 3 org.xwiki.platform:xwiki-platform-distribution-war 3 com.jflyfox:jflyfox_jfinal 3 org.apache.inlong:manager-web 3 org.apache.jmeter:ApacheJMeter 3 org.apache.storm:storm 3 h2o 3 org.springframework.security:spring-security-core 3 org.jeecgframework.boot:jeecg-boot-base 3 org.xwiki.platform:xwiki-platform-flamingo-theme-ui 3 org.xwiki.platform:xwiki-platform-icon-ui 3 org.apache.ozone:ozone-main 3 log4j:log4j 3 org.apache.dolphinscheduler:dolphinscheduler 3 org.apache.geode:geode-core 2 com.jfinal:jfinal 2 org.xwiki.platform:xwiki-platform-rendering-async-macro 2 org.apache.shiro:shiro-spring 2 org.xwiki.platform:xwiki-platform-administration 2 org.xwiki.platform:xwiki-platform-invitation-ui 2 org.apache.dubbo:dubbo-parent 2 ai.djl:api 2 org.xwiki.platform:xwiki-platform-rest-server 2 org.xwiki.platform:xwiki-platform-scheduler-ui 2 org.apache.rocketmq:rocketmq-namesrv 2 org.apache.xmlrpc:xmlrpc 2 org.apache.flume.flume-ng-sources:flume-jms-source 2 org.apache.james:james-server 2 org.jenkins-ci.plugins:oic-auth 2 org.apache.solr:solr-parent 2 org.xwiki.contrib:application-ckeditor-ui 2 org.apache.nifi:nifi 2 cn.hutool:hutool-core 2 org.noear:solon 2 io.vertx:vertx-web 2 org.jenkins-ci.plugins:email-ext 2 org.apache.cxf:cxf 2 org.ops4j.pax.logging:pax-logging-log4j2 2 com.enonic.xp:lib-auth 2 com.hazelcast.jet:hazelcast-jet 2 org.apache.commons:commons-configuration2 2 org.springframework.amqp:spring-amqp 2 org.apache.streampark:streampark 2 org.apache.inlong:manager-dao 2 org.springframework:spring-messaging 2 org.geoserver:gs-wms 2 com.xuxueli:xxl-rpc-core 2 org.apache.cocoon:cocoon 2 cn.hutool:hutool-all 2 org.apache.shiro:shiro-web 2 org.folio:mod-data-export-spring 2 org.odata4j:odata4j-core 2 org.xwiki.platform:xwiki-platform-notifications-ui 2 org.apache.cassandra:cassandra-all 2 org.xwiki.platform:xwiki-platform-skin-skinx 2 com.thoughtworks.xstream:xstream 2 org.apache.pulsar:pulsar 2 org.keycloak:keycloak-parent 2 org.geoserver:gs-wfs 2 com.h2database:h2 2 org.apache.shenyu:shenyu-common 2 org.apache.cxf:cxf-core 2 org.geoserver.web:gs-web-app 2 org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki 2 org.jenkins-ci.plugins:semantic-versioning-plugin 2 org.neo4j.procedure:apoc 2 net.bull.javamelody:javamelody-core 2 org.xwiki.platform:xwiki-platform-attachment-ui 2 org.xwiki.rendering:xwiki-rendering-syntax-xhtml 2 com.cronutils:cron-utils 2 tech.powerjob:powerjob 2 com.bstek.ureport:ureport2-core 2 cn.hutool:hutool-json 2 org.keycloak:keycloak-services 2 org.xwiki.platform:xwiki-platform-search-solr-ui 2 org.apache.derby:derby 2 com.hubspot.jinjava:jinjava 1 de.averbis.textanalysis:pear-archetype 1 com.bstek.ureport:ureport2-console 1 org.apache.karaf.specs:org.apache.karaf.specs.java.xml 1 org.apache.jackrabbit:jackrabbit-webapp 1 io.pebbletemplates:pebble 1 org.apache.shenyu:shenyu-admin 1 org.gluu:oxauth-common 1 com.jason-goodwin:authentikat-jwt_2.12 1 org.xwiki.platform:xwiki-platform-webjars-api 1 cn.dev33:sa-token-core 1 com.itextpdf:itext-rups 1 com.guicedee.services:commons-text 1 org.apache.tomcat.embed:tomcat-embed-jasper 1 org.grails:grails-databinding 1 io.jenkins.plugins:oidc-provider 1 org.springframework:spring-web 1 org.geotools:gt-wfs-ng 1 org.apache.solr:solr-solrj 1 org.springframework.data:spring-data-commons 1 org.apache.tomcat:tomcat-coyote 1 org.apache.activemq:activemq-broker 1 org.xwiki.platform:xwiki-platform-realtime-ui 1 org.eclipse.lemminx:lemminx-parent 1 org.xwiki.contrib.markdown:syntax-markdown-commonmark12 1 org.xwiki.rendering:xwiki-rendering-syntax-annotatedxhtml 1 io.netty:netty-codec-http 1 org.mapfish.print:print-lib 1 org.geotools:gt-complex 1 org.xwiki.rendering:xwiki-rendering-transformation-macro 1 org.codehaus.jackson:jackson-mapper-asl 1 com.alibaba:fastjson 1 org.http4s:http4s-server_2.12 1 org.bonitasoft.connectors:bonita-connector-webservice 1 com.starkbank.ellipticcurve:starkbank-ecdsa 1 org.jodd:jodd-json 1 io.pebbletemplates:pebble-project 1 org.openmrs.module:patientflags 1 org.powernukkit:powernukkit 1 com.typesafe.akka:akka-actor_2.12 1 com.liferay.commerce:com.liferay.commerce.address.content.web 1 org.apache.maven.shared:maven-shared-utils 1 org.apache.jackrabbit:jackrabbit-standalone-components 1 org.openhab.ui.bundles:org.openhab.ui.cometvisu 1 com.predic8:soa-model-parent 1 io.fabric8.pipeline:kubernetes-pipeline-steps 1 org.apache.xmlgraphics:batik 1 com.xwiki.confluencepro:application-confluence-migrator-pro-ui 1 org.apache.rocketmq:rocketmq-controller 1 org.apache.jena:jena-sdb 1 com.googlecode.aviator:aviator 1 org.apache.pinot:pinot 1 org.opencastproject:opencast-common 1 com.liferay.portal:com.liferay.portal.web 1 org.xwiki.platform:xwiki-platform-ckeditor-ui 1 org.apache.maven:maven-core 1 org.apache.jena:jena 1 org.apache.tomcat:tomcat-jasper 1 org.mitre:openid-connect-parent 1 org.hsqldb:hsqldb 1 fr.turri:aXMLRPC 1 org.springframework.cloud:spring-cloud-gateway 1 org.openapitools:openapi-generator-online 1 org.pac4j:pac4j-core 1 org.apache.zeppelin:zeppelin-jdbc 1 com.ibeetl:beetl 1 org.apache.bcel:bcel 1 org.openmrs:openmrs 1 org.springframework.boot:spring-boot-actuator-autoconfigure 1 org.apache.iotdb:iotdb-confignode 1 org.geotools.xsd:gt-xsd-core 1 org.codelibs.fess:fess 1 io.jenkins.plugin-management:plugin-management-parent-pom 1 org.apache.solr:solr 1

https://github.com/xwiki/xwiki-platform 100 https://github.com/FasterXML/jackson-databind 24 https://github.com/jenkinsci/jenkins 18 https://github.com/apache/inlong 10 https://github.com/ming-soft/MCMS 10 https://github.com/jeecgboot/jeecg-boot 9 https://github.com/apache/struts 8 https://github.com/apache/tomcat 7 https://github.com/liferay/liferay-portal 6 https://github.com/xwiki/xwiki-commons 6 https://github.com/dromara/hutool 5 https://github.com/spring-projects/spring-framework 5 https://github.com/apache/activemq 5 https://github.com/keycloak/keycloak 5 https://github.com/OpenTSDB/opentsdb 4 https://github.com/pippo-java/pippo 4 https://github.com/cloudfoundry/uaa 4 https://github.com/dataease/dataease 4 https://github.com/xwiki/xwiki-rendering 4 https://github.com/CVEProject/cvelist 4 https://github.com/h2oai/h2o-3 3 https://github.com/apache/shiro 3 https://github.com/jflyfox/jfinal_cms 3 https://github.com/apache/camel 3 https://github.com/geoserver/geoserver 3 https://github.com/opencast/opencast 3 https://github.com/LetianYuan/My-CVE-Public-References 3 https://github.com/mbechler/marshalsec 3 https://github.com/hazelcast/hazelcast 3 https://github.com/apache/dolphinscheduler 3 https://github.com/spring-projects/spring-security 2 https://github.com/apache/jmeter 2 https://github.com/geotools/geotools 2 https://github.com/apache/dubbo 2 https://github.com/apache/hadoop 2 https://github.com/PowerJob/PowerJob 2 https://github.com/vert-x3/vertx-web 2 https://github.com/h2database/h2database 2 https://github.com/apache/flume 2 https://github.com/line/armeria 2 https://github.com/apache/openmeetings 2 https://github.com/folio-org/mod-data-export-spring 2 https://github.com/HtmlUnit/htmlunit 2 https://github.com/apache/kylin 2 https://github.com/jenkinsci/script-security-plugin 2 https://github.com/jenkinsci/semantic-versioning-plugin 2 https://github.com/apache/pinot 2 https://github.com/javamelody/javamelody 2 https://github.com/frohoff/ysoserial 2 https://github.com/deepjavalibrary/djl 2 https://github.com/apache/zeppelin 2 https://github.com/enonic/xp 2 https://github.com/http4s/http4s 2 https://github.com/neo4j-contrib/neo4j-apoc-procedures 2 https://github.com/stanfordnlp/corenlp 2 https://github.com/jfinal/jfinal 2 https://github.com/apache/iotdb 2 https://github.com/apache/ignite 2 https://github.com/noear/solon 2 https://github.com/apache/karaf 2 https://github.com/apache/incubator-streampark 2 https://github.com/quarkusio/quarkus 2 https://github.com/apache/incubator-hugegraph 2 https://github.com/jmrozanec/cron-utils 2 https://github.com/OpenAPITools/openapi-generator 2 https://github.com/quartz-scheduler/quartz 1 https://github.com/jenkinsci/ontrack-plugin 1 https://github.com/eXist-db/exist 1 https://github.com/grails/grails-core 1 https://github.com/codelibs/fess 1 https://github.com/bonitasoft/bonita-connector-webservice 1 https://github.com/ethereum/ethereumj 1 https://github.com/redisson/redisson 1 https://github.com/J0hnWalker/jeecg-boot-sqli 1 https://github.com/geonetwork/core-geonetwork 1 https://github.com/Wechat-Group/WxJava 1 https://github.com/Maverickfir/RuoYi-v4.6-vulnerability 1 https://github.com/igniterealtime/Openfire 1 https://github.com/liquibase/liquibase 1 https://github.com/alipay/sofa-hessian 1 https://github.com/codenameone/CodenameOne 1 https://github.com/OpenRefine/simile-butterfly 1 https://github.com/gitblit/gitblit 1 https://github.com/apache/sling-org-apache-sling-commons-johnzon 1 https://github.com/shopizer-ecommerce/shopizer 1 https://github.com/apache/storm 1 https://github.com/apache/maven-shared-utils 1 https://github.com/apache/flex-blazeds 1 https://github.com/averbis/pear-archetype 1 https://github.com/jenkinsci/workflow-cps-plugin 1 https://github.com/apache/any23 1 https://github.com/PoppingSnack/VulReport 1 https://github.com/JSONPath-Plus/JSONPath 1 https://github.com/aerospike/aerospike-client-java 1 https://github.com/apache/pulsar 1 https://github.com/youseries/uflo 1 https://github.com/apache/httpcomponents-client 1 https://github.com/richfaces/richfaces 1 https://github.com/orangecertcc/security-research 1 https://github.com/edirc-wong/record 1 https://github.com/eclipse/jetty.project 1 https://github.com/haraldk/TwelveMonkeys 1 https://github.com/naver/ngrinder 1 https://github.com/hyperledger/besu 1 https://github.com/conductor-oss/conductor 1 https://github.com/Netflix/genie 1 https://github.com/apache/streampipes 1 https://github.com/xwikisas/application-confluence-migrator-pro 1 https://github.com/pingidentity/ldapsdk 1 https://github.com/aws/amazon-redshift-jdbc-driver 1 https://github.com/xjodoin/torpedoquery 1 https://github.com/apache/sling-org-apache-sling-xss 1 https://github.com/undertow-io/undertow 1 https://github.com/apache/accumulo 1 https://github.com/thenables/thenify 1 https://github.com/jensdietrich/xshady-release 1 https://github.com/xuxueli/xxl-rpc 1 https://github.com/DrunkenShells/Disclosures 1 https://github.com/neo4j/neo4j 1 https://github.com/jenkinsci/plugin-installation-manager-tool 1 https://github.com/infinispan/infinispan 1 https://github.com/apache/helix 1 https://github.com/jenkinsci/generic-webhook-trigger-plugin 1 https://github.com/ManyDesigns/Portofino 1 https://github.com/xuxueli/xxl-job 1 https://github.com/oblac/jodd 1 https://github.com/rubygems/rubygems 1 https://github.com/beobal/cassandra 1 https://github.com/PebbleTemplates/pebble 1 https://github.com/spring-projects/spring-boot 1 https://github.com/xwiki-contrib/syntax-markdown 1 https://github.com/jenkinsci/nuget-plugin 1 https://github.com/penggle/kaptcha 1 https://github.com/geosolutions-it/jai-ext 1 https://github.com/ops4j/org.ops4j.pax.logging 1 https://github.com/Jasig/phpCAS 1 https://github.com/GoogleContainerTools/jib 1 https://github.com/lessthanoptimal/BoofCV 1 https://github.com/glazedlists/glazedlists 1 https://github.com/qos-ch/slf4j 1 https://github.com/unclebob/fitnesse 1 https://github.com/apache/incubator-kie-drools 1 https://github.com/stanfordnlp/CoreNLP 1 https://github.com/GluuFederation/oxAuth 1 https://github.com/Alluxio/alluxio 1 https://github.com/zhutougg/c3p0 1 https://github.com/netty/netty 1 https://github.com/e-Contract/dssp 1 https://github.com/luelueking/Beetl-3.15.0-vuln-poc 1 https://github.com/gturri/aXMLRPC 1 https://github.com/jenkinsci/keycloak-plugin 1 https://github.com/cgddgc/vulns 1 https://github.com/AsyncHttpClient/async-http-client 1 https://github.com/jenkinsci/bitbucket-oauth-plugin 1 https://github.com/bcgit/bc-java 1 https://github.com/joniles/mpxj 1 https://github.com/FCncdn/MybatisPlusTenantPluginSQLInjection-POC 1 https://github.com/ngallagher/simplexml 1 https://github.com/jenkinsci/matrix-project-plugin 1 https://github.com/membrane/soa-model 1 https://github.com/apache/maven 1 https://github.com/aws-amplify/aws-sdk-android 1 https://github.com/OpenIdentityPlatform/OpenAM 1 https://github.com/larsga/Duke 1 https://github.com/xwikisas/identity-oauth 1 https://github.com/mapfish/mapfish-print 1 https://github.com/jasongoodwin/authentikat-jwt 1 https://github.com/pmd/pmd 1 https://github.com/micronaut-projects/micronaut-core 1 https://github.com/eclipse/rdf4j 1 https://github.com/splunk/splunk-library-javalogging 1 https://github.com/apache/rocketmq 1 https://github.com/starkbank/ecdsa-java 1 https://github.com/square/retrofit 1 https://github.com/apache/lucene-solr 1 https://github.com/esigate/esigate 1 https://github.com/apache/activemq-apollo 1 https://github.com/anchore/grype 1 https://github.com/orientechnologies/orientdb 1 https://github.com/dromara/Sa-Token 1 https://github.com/apache/logging-log4j2 1 https://github.com/rapid7/metasploit-framework 1 https://github.com/jenkinsci/mstest-plugin 1 https://github.com/scifio/scifio 1 https://github.com/apache/juddi 1 https://github.com/jenkinsci/job-dsl-plugin 1 https://github.com/SAP/cloud-security-services-integration-library 1 https://github.com/xwiki-contrib/oidc 1 https://github.com/nablarch/nablarch-fw-web 1 https://github.com/typelevel/fs2 1 https://github.com/apache/tika 1 https://github.com/jenkinsci/workflow-remote-loader-plugin 1 https://github.com/zhangdaiscott/jeecg-boot 1 https://github.com/killme2008/aviatorscript 1 https://bitbucket.org/connect2id/nimbus-jose-jwt 1 https://github.com/PowerNukkit/PowerNukkit 1 https://github.com/apache/nifi 1 https://github.com/opencrx/opencrx 1 https://github.com/apache/mina-sshd 1