26517 matches found
org.webjars.npm:bazel__typescript (=1.7.0), org.webjars.npm:cesium (>=1.96.0 <=1.137.0) +13 more potentially affected by CVE-2026-44292 via org.webjars.npm:protobufjs (>=6.11.3 <=8.0.0)
org.webjars.npm:protobufjs MAVEN version =6.11.3, =1.96.0, =1.0.0, =1.0.0, =10.13.0, =4.7.0, =0.3.35, =1.6.1, =0.5.2, =0.7.15 - org.webjars.npm:tiktok-live-connector =1.0.2 Source cves: CVE-2026-44292 Source advisory: SNYK:JAVA-ORGWEBJARSNPM-16643320...
birdclaw (>=0.1.0 <=0.7.0), livemark (>=0.0.0-dev <=0.23.0) potentially affected by CVE-2026-45321 via @tanstack/react-router-ssr-query (>=1.166.10 <=1.166.12)
@tanstack/react-router-ssr-query NPM version =1.166.10, =0.1.0, =0.0.0-dev, =0.23.0 Source cves: CVE-2026-45321 Source advisory: SNYK:JS-TANSTACKREACTROUTERSSRQUERY-16640207...
ai.agentican:agentican-framework-core (>=0.1.0-alpha.2 <=0.1.0-alpha.4), ai.agentican:agentican-quarkus-deployment (>=0.1.0-alpha.1 <=0.1.0-alpha.4) +23809 more potentially affected by CVE-2026-42585 via io.netty:netty-codec-http (>=4.0.0.Alpha1 <=4.1.132.Final)
io.netty:netty-codec-http MAVEN version =4.0.0.Alpha1, =0.1.0-alpha.2, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.1, =0.1.0-alpha.3, =0.1.0-alpha.2, =0.1.0, =0.1.0, =0.2.0, =0.2.0, =0.28.0 and more Source cves:...
ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +2921 more potentially affected by CVE-2026-42580 via io.netty:netty-codec-http (>=4.2.0.Alpha1 <=4.2.12.Final)
io.netty:netty-codec-http MAVEN version =4.2.0.Alpha1, =0.1.0, =0.1.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.0, =26.3.2 and more Source cves: CVE-2026-42580 Source advisory: SNYK:JAVA-IONETTY-16438926...
@bigegg/parse-server-schema-config (>=1.0.5 <=1.0.10), @kontaa/subgraph (>=1.0.1 <=1.2.3) +27 more potentially affected by CVE-2026-43930 via parse-server (>=2.0.8 <=7.5.4)
parse-server NPM version =2.0.8, =1.0.5, =1.0.1, =1.2.1, =2.4.46, =2.4.8, =1.0.0, =1.0.0, =1.0.1, =0.1.1, =0.0.2, =1.0.0, =0.1.0, =0.1.7, =0.0.1, =0.0.29 - parse-cli-server2 =0.0.30 and more Source cves: CVE-2026-43930 Source advisory: OSV:GHSA-JPQ4-7FMQ-Q5FJ...
arthexis (>=0.2.6 <=0.8.0), cg-django-uaa (=2.1.9) +29 more potentially affected by CVE-2026-6907 via django (>=5.2.0 <=5.2.13)
django PYPI version =5.2.0, =0.2.6, =0.1.0, =0.1.0, =1.3.0, =1.92.0.5, =4.2.0, =0.0.7, =3.0.0, =0.1.0, =0.1.1 and more Source cves: CVE-2026-6907 Source advisory: OSV:GHSA-5HRC-GVXJ-W55P...
async-std-resolver (>=0.25.0-alpha.1 <=0.25.0-alpha.5), ezk-sip-ua (>=0.5.0 <=0.7.1) +3 more potentially affected by unknown CVE via hickory-proto (=0.25.0-alpha.5)
hickory-proto CARGO version =0.25.0-alpha.5 is affected by a known vulnerability. The following packages have a transitive dependency on hickory-proto and may be impacted: - async-std-resolver =0.25.0-alpha.1, =0.5.0, =0.25.0-alpha.1, =0.25.0-alpha.5 - hickory-resolver =0.25.0-alpha.1 Source cves...
africa.absa:inception-application (>=1.1.0 <=1.2.0), africa.absa:inception-test (>=1.1.0 <=1.2.0) +2768 more potentially affected by CVE-2026-22745 via org.springframework:spring-webflux (>=5.0.0.RELEASE <=5.3.4)
org.springframework:spring-webflux MAVEN version =5.0.0.RELEASE, =1.1.0, =1.1.0, =0.5.0, =0.5.0, =0.5.0, =j8.2.2.0, =0.0.1, =v0.3.12, =v0.3.10, =v0.3.12, =2.1.2.RELEASE, =4.1.36, =4.1.7, =4.7.1 - br.com.m4rc310:br-com-m4rc310-graphql =1.0.1 - br.com.m4rc310:br-com-m4rc310-libs =1.0.1 and more...
ai.platon.pulsar:pulsar-e2e-tests (>=4.5.0 <=4.6.0), ai.platon.pulsar:pulsar-it-tests (>=4.5.0 <=4.7.4) +1846 more potentially affected by CVE-2026-22745 via org.springframework:spring-webmvc (>=7.0.0 <=7.0.6)
org.springframework:spring-webmvc MAVEN version =7.0.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =4.5.0, =2.0.0, =2.0.0, =0.1.1, =0.2.0, =0.5.0, =0.7.0, =0.5.0, =0.5.0, =0.7.5 and more Source cves: CVE-2026-22745 Source advisory: OSV:GHSA-6P4F-WCWH-5VVM...
com.redis.om:redis-om-spring-ai (>=1.0.0 <=2.0.5), io.github.massimilianopili:mcp-embeddings-tools (>=0.0.1 <=0.1.0) +2 more potentially affected by CVE-2026-40979 via org.springframework.ai:spring-ai-transformers (>=1.0.0 <=1.0.5)
org.springframework.ai:spring-ai-transformers MAVEN version =1.0.0, =1.0.0, =0.0.1, =1.0.0, =1.0.5 Source cves: CVE-2026-40979 Source advisory: OSV:GHSA-R5HP-3CGJ-J6XV...
au.com.versent.jenkins.plugins:ignore-committer-strategy (>=37.v0d3157c4a_ef8 <=57.v0756db_b_f6926), be.mogo.iam:mogo-provisioning (>=1.0.1.RELEASE <=1.1.7.RELEASE) +898 more potentially affected by CVE-2026-41635 via org.apache.mina:mina-core (>=2.0.0 <=2.0.27)
org.apache.mina:mina-core MAVEN version =2.0.0, =37.v0d3157c4aef8, =1.0.1.RELEASE, =1.1.8.RELEASE, =1.1.5.RELEASE, =1.0.0.RELEASE, =1.0.0.RELEASE, =1.0.0.RELEASE, =1.0.2.RELEASE, =2.0.0, =1.0.7, =1.1.6, =1.1.0, =1.0.0, =1.1.0, =5.1.3 and more Source cves: CVE-2026-41635 Source advisory:...
ai.new-wave:spring-agent-app (>=0.1.0 <=0.3.0), ai.new-wave:spring-agent-core (>=0.1.0 <=0.3.0) +7260 more potentially affected by CVE-2026-22745 via org.springframework:spring-core (>=7.0.0-M1 <=7.0.6)
org.springframework:spring-core MAVEN version =7.0.0-M1, =0.1.0, =0.1.0, =4.5.0, =4.7.11, =4.5.0, =4.5.0, =4.3.0, =4.3.0, =4.3.0, =4.7.0, =4.7.4, =4.7.4, =4.3.0, =4.7.0, =4.5.0, =4.6.0 and more Source cves: CVE-2026-22745 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORK-16109618...
AskAI (=0.1.0), BiliupApi (>=0.1.0 <=0.1.7) +4019 more potentially affected by unknown CVE via rustls-webpki (>=0.101.7 <=0.102.8)
rustls-webpki CARGO version =0.101.7, =0.1.0, =0.1.0, =0.1.0, =0.1.0, =0.0.26, =0.4.0, =0.1.0, =0.21.0-alpha.1, =0.1.11, =0.12.1, =0.13.0 - acme =0.2.1 and more Source cves: unknown CVE Source advisory: OSV:GHSA-XGP8-3HG3-C2MH...
best.skn:skn-spring-mail (>=1.0.0 <=2.4.0), ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=7.0.0 <=8.8.1) +750 more potentially affected by CVE-2026-40478 via org.thymeleaf:thymeleaf-spring6 (>=3.1.0.M1 <=3.1.3.RELEASE)
org.thymeleaf:thymeleaf-spring6 MAVEN version =3.1.0.M1, =1.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.6.0, =7.6.0, =7.0.0, =7.0.0, =8.8.1 and more Source cves: CVE-2026-40478 Source advisory: SNYK:JAVA-ORGTHYMELEAF-16078377...
article-extractor (=0.5.8) potentially affected by unknown CVE via justhtml (=1.13.0)
justhtml PYPI version =1.13.0 is affected by a known vulnerability. The following packages have a transitive dependency on justhtml and may be impacted: - article-extractor =0.5.8 Source cves: unknown CVE Source advisory: OSV:GHSA-R758-8HXW-4845...
@agentholdings/agent-passport (>=0.1.0 <=0.1.5), @chrysb/alphaclaw (=0.8.3-beta.1) +11 more potentially affected by CVE-2026-41361 via openclaw (>=2026.3.22 <=2026.3.24)
openclaw NPM version =2026.3.22, =0.1.0, =2026.3.25, =2026.3.24-3, =0.14.39, =0.1.1, =2.0.1, =0.0.7, =0.14.6, =0.1.0, =0.1.5 Source cves: CVE-2026-41361 Source advisory: SNYK:JS-OPENCLAW-15865306...
com.embabel.agent:embabel-agent-bedrock-autoconfigure (>=0.3.0 <=0.3.4), com.embabel.agent:embabel-agent-starter-bedrock (>=0.3.0 <=0.3.4) +2 more potentially affected by CVE-2026-22742 via org.springframework.ai:spring-ai-autoconfigure-model-bedrock-ai (>=1.1.0-M1 <=1.1.3)
org.springframework.ai:spring-ai-autoconfigure-model-bedrock-ai MAVEN version =1.1.0-M1, =0.3.0, =0.3.0, =1.1.0, =1.1.0, =1.1.3 Source cves: CVE-2026-22742 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKAI-15791533...
@10xsai/cloudflare-router-nx-plugin (=1.0.0), @4itech/schematics (>=11.7.1 <=11.7.6) +977 more potentially affected by CVE-2026-33671 via picomatch (>=4.0.1 <=4.0.3)
picomatch NPM version =4.0.1, =11.7.1, =1.2.0, =8.3.0, =1.0.25, =0.0.47, =10.0.0, =10.0.0, =13.0.0, =10.0.0, =0.0.1-development, =0.0.1, =2.0.0, =1.0.57, =1.0.100 and more Source cves: CVE-2026-33671 Source advisory: OSV:GHSA-C2C7-RCM5-VVQJ...
@bigegg/parse-server-schema-config (>=1.0.5 <=1.0.10), @kontaa/subgraph (>=1.0.1 <=1.2.3) +27 more potentially affected by CVE-2026-30949 via parse-server (>=2.0.8 <=7.5.4)
parse-server NPM version =2.0.8, =1.0.5, =1.0.1, =1.2.1, =2.4.46, =2.4.8, =1.0.0, =1.0.0, =1.0.1, =0.1.1, =0.0.2, =1.0.0, =0.1.0, =0.1.7, =0.0.1, =0.0.29 - parse-cli-server2 =0.0.30 and more Source cves: CVE-2026-30949 Source advisory: OSV:GHSA-48MH-J4P5-7J9V...
@jamietanna/renovate-graph (=0.36.0), @secustor/backstage-plugin-renovate-backend-module-runtime-direct (=3.1.1) potentially affected by unknown CVE via renovate (>=42.92.4 <=42.92.5)
renovate NPM version =42.92.4, =42.92.5 is affected by a known vulnerability. The following packages have a transitive dependency on renovate and may be impacted: - @jamietanna/renovate-graph =0.36.0 - @secustor/backstage-plugin-renovate-backend-module-runtime-direct =3.1.1 Source cves: unknown C...
1inch-agent-kit (=1.0.53), @0xchain/auth (>=0.0.1 <=1.1.0-beta.18) +4225 more potentially affected by CVE-2026-25639 via axios (>=1.0.0-alpha.1 <=1.13.4)
axios NPM version =1.0.0-alpha.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =0.0.2-beta.0, =8.0.5, =6.1.0, =0.0.1-alpha.3, =0.1.6-alpha.11, =1.0.3-rc.0, =2.0.1 - @1tokenfe/hd-ble-sdk =1.1.15 - @1tokenfe/hd-common-connect-sdk =1.1.15 - @1tokenfe/hd-core =1.1.15 and more Source cves: CVE-2026-25639 Source...
ai.ancf.lmos-router:benchmarks (>=0.2.0 <=0.28.0), ai.ancf.lmos-router:lmos-router-hybrid (>=0.2.0 <=0.28.0) +22715 more potentially affected by CVE-2025-67735 via io.netty:netty-codec-http (>=4.0.0.Alpha1 <=4.1.128.Final)
io.netty:netty-codec-http MAVEN version =4.0.0.Alpha1, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.2.0, =0.1.1, =0.1.1, =0.1.1, =0.0.4, =0.6.0 - ai.ancf.lmos:lmos-router-hybrid =0.1.0 - ai.ancf.lmos:lmos-router-hybrid-spring-boot-starter =0.1.0 - ai.ancf.lmos:lmos-router-llm =0.1.0 -...
ai.catboost:catboost-spark_2.11 (>=0.25-rc1 <=0.25-rc3), ai.catboost:catboost-spark_2.12 (>=0.25-rc1 <=0.25-rc3) +15057 more potentially affected by CVE-2025-12183 +1 more via org.lz4:lz4-java (>=1.4 <=1.8.1)
org.lz4:lz4-java MAVEN version =1.4, =0.25-rc1, =0.25-rc1, =0.25, =0.25, =0.25, =0.25, =1.0.1, =1.0.6, =1.0.6, =1.1, =1.1.1, =1.2, =1.2, =1.2.3, =1.2.3, =1.2.10 and more Source cves: CVE-2025-12183, CVE-2025-66566 Source advisory: SNYK:JAVA-ORGLZ4-14219384...
@amazeelabs/bridge-waku (>=1.1.9 <=2.0.1), @amazeelabs/executors (>=3.1.12 <=3.1.14) +6 more potentially affected by CVE-2025-55182 via react-server-dom-webpack (=19.0.0)
react-server-dom-webpack NPM version =19.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on react-server-dom-webpack and may be impacted: - @amazeelabs/bridge-waku =1.1.9, =3.1.12, =1.4.7, =1.1.3, =0.0.0-next-20250108080920, =0.0.0-next-20250108080920...
@1771technologies/oneplay (>=0.0.1 <=0.0.6), @aicblock/cli (>=1.0.0 <=1.0.1) +159 more potentially affected by CVE-2025-58752 via vite (>=6.0.0 <=6.3.5)
vite NPM version =6.0.0, =0.0.1, =1.0.0, =1.0.0, =0.2.0, =4.25.19-patch.2, =19.1.0, =0.55.0, =0.21.2-4.1, =0.4.2, =0.1.10, =0.0.1, =1.0.0, =1.0.3 and more Source cves: CVE-2025-58752 Source advisory: SNYK:JS-VITE-12558116...
com.github.cafaudit:caf-audit-binding-elasticsearch (>=5.0.3-1321 <=5.0.4-1329), com.github.cafaudit:caf-audit-monkey-container (>=5.0.3-1321 <=5.0.4-1329) +78 more potentially affected by CVE-2025-9341 via org.bouncycastle:bc-fips (=2.1.0)
org.bouncycastle:bc-fips MAVEN version =2.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.bouncycastle:bc-fips and may be impacted: - com.github.cafaudit:caf-audit-binding-elasticsearch =5.0.3-1321, =5.0.3-1321, =5.0.3-1321, =5.0.3-1321,...
simple-basic-react-button (=0.1.0) potentially affected by unknown CVE via prpo-types (=0.0.1-security)
prpo-types NPM version =0.0.1-security is affected by a known vulnerability. The following packages have a transitive dependency on prpo-types and may be impacted: - simple-basic-react-button =0.1.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-30788...
ai.ancf.lmos-router:lmos-router-llm-in-spring-cloud-gateway-demo (>=0.2.0 <=0.28.0), ai.ancf.lmos:lmos-router-llm-in-spring-cloud-gateway-demo (=0.1.0) +12782 more potentially affected by CVE-2025-8916 via org.bouncycastle:bcprov-jdk18on (>=1.71 <=1.78.1)
org.bouncycastle:bcprov-jdk18on MAVEN version =1.71, =0.2.0, =0.31.0, =0.5.0, =0.6.0, =0.5.0, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.3, =0.5.0, =0.8.7 and more Source cves: CVE-2025-8916 Source advisory: SNYK:JAVA-ORGBOUNCYCASTLE-11789695...
ai.driftkit:driftkit-context-engineering-spring-ai-starter (>=0.6.0 <=0.8.7), ai.driftkit:driftkit-context-engineering-spring-boot-starter (>=0.5.0 <=0.8.7) +7655 more potentially affected by CVE-2025-8885 via org.bouncycastle:bcprov-jdk18on (>=1.71 <=1.77)
org.bouncycastle:bcprov-jdk18on MAVEN version =1.71, =0.6.0, =0.5.0, =0.7.0, =0.7.0, =0.5.0, =0.8.3, =0.8.3, =0.8.3, =0.5.0, =0.5.0, =1.4.0, =1.2.0, =1.2.0-alpha07, =2023.12.01.210510-f61f157, =2023.12.01.210510-f61f157, =2025.05.12.160240-6152e21 and more Source cves: CVE-2025-8885 Source...
@originalworks/protocol-core-contracts (>=0.0.4 <=0.0.8), @pendle/boros-core (>=1.0.0 <=1.0.6) +13 more potentially affected by CVE-2025-54070 via @openzeppelin/contracts-upgradeable (>=5.2.0 <=5.3.0)
@openzeppelin/contracts-upgradeable NPM version =5.2.0, =0.0.4, =1.0.0, =0.1.0, =0.4.27, =0.3.0, =0.5.3, =7.9.0-maine3c28f1, =3.0.0, =1.0.0-alpha.1, =0.3.0, =0.3.0, =0.3.2, =0.1.0, =0.1.0, =0.2.0, =0.3.2 Source cves: CVE-2025-54070 Source advisory: OSV:GHSA-9RCW-C2F9-2J55...
ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess (>=0.1.0 <=0.2.0), ai.aletyx.kogito:aletyx-kogito-ai-addons-springboot-adhoc-subprocess-storage-jpa (>=0.1.0 <=0.2.0) +15959 more potentially affected by CVE-2025-22233 via org.springframework:spring-context (>=6.2.0 <=6.2.6)
org.springframework:spring-context MAVEN version =6.2.0, =0.1.0, =0.1.0, =0.114.0, =0.114.0, =0.114.0, =0.114.0, =0.5.0, =0.8.0, =0.9.0 - ai.astraform:remote-domain-author-kit-java =0.1.0 and more Source cves: CVE-2025-22233 Source advisory: OSV:GHSA-4WP7-92PW-Q264...
@abaplint/database-snowflake (>=2.7.93 <=2.7.101), @activeboxes/piece-snowflake (=0.0.10) +180 more potentially affected by CVE-2025-46328 via snowflake-sdk (>=1.10.0 <=2.0.2)
snowflake-sdk NPM version =1.10.0, =2.7.93, =0.0.1, =0.0.19, =0.0.5, =8.0.0, =0.1.0, =0.1.0, =1.8.0, =0.0.0, =0.4.4, =0.7.17, =1.0.0, =1.0.2 and more Source cves: CVE-2025-46328 Source advisory: OSV:GHSA-WMJQ-JRM2-9WFR...
io.xuxiaowei.seata:seata-server (=2.1.0), org.apache.seata:seata-all (=2.1.0) +54 more potentially affected by CVE-2024-47552 via org.apache.seata:seata-config-core (=2.1.0)
org.apache.seata:seata-config-core MAVEN version =2.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.seata:seata-config-core and may be impacted: - io.xuxiaowei.seata:seata-server =2.1.0 - org.apache.seata:seata-all =2.1.0 -...
ColumnPack:ColumnPack-plugin (=1.0.3), CustomHistory:CustomHistory (>=1.1 <=1.3) +1820 more potentially affected by CVE-2025-27625 via org.jenkins-ci.main:jenkins-core (>=1.396 <=2.492.1)
org.jenkins-ci.main:jenkins-core MAVEN version =1.396, =1.1, =0.0.1, =1.0, =1.0, =0.0.1, =0.1.0, =1.0, =0.9, =1.3, =1.0.5.0, =1.0.6.1 and more Source cves: CVE-2025-27625 Source advisory: OSV:GHSA-8HMV-92WM-39CH...
5dee (=0.1.0), a5py (>=0.1.0 <=0.1.1) +482 more potentially affected by unknown CVE via gdal (>=3.0.1 <=3.9.0)
gdal PYPI version =3.0.1, =0.1.0, =0.0.1, =0.9.0, =0.6.1, =0.1.2, =0.1.1a2, =1.0.1, =1.0.0, =1.9.3, =0.2.0, =1.6.2, =0.0.1, =0.0.5 and more Source cves: unknown CVE Source advisory: SNYK:PYTHON-GDAL-8445270...
Boa (>=0.13.0 <=0.13.1), arci-urdf-viz (>=0.0.7 <=0.1.0) +87 more potentially affected by unknown CVE via fast-float (=0.2.0)
fast-float CARGO version =0.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on fast-float and may be impacted: - Boa =0.13.0, =0.0.7, =0.1.0, =0.1.0, =0.1.2, =0.1.0, =0.19.0, =0.3.0, =0.4.1, =0.6.2, =0.3.2, =0.4.1, =0.3.2, =0.20.2 and more Source cves...
ca.uhn.hapi.fhir:hapi-fhir-cli-api (>=4.0.0 <=7.4.5), ca.uhn.hapi.fhir:hapi-fhir-cli-app (>=5.6.5 <=7.4.5) +208 more potentially affected by CVE-2024-51132 via ca.uhn.hapi.fhir:org.hl7.fhir.convertors (>=0.0.1 <=6.3.9)
ca.uhn.hapi.fhir:org.hl7.fhir.convertors MAVEN version =0.0.1, =4.0.0, =5.6.5, =4.1.0, =4.0.0, =4.1.0, =4.0.0, =5.0.0, =4.0.0, =5.3.0, =6.2.0, =5.1.0, =6.8.0, =6.4.0, =5.3.0, =4.0.0, =5.5.7 and more Source cves: CVE-2024-51132 Source advisory: OSV:GHSA-4CF2-CXP3-RJR7...
be.zvz:KotlinInside (>=1.14.0 <=1.16.2), com.connectrpc:connect-kotlin-google-javalite-ext (>=0.2.0 <=0.5.1) +14 more potentially affected by CVE-2024-7254 via com.google.protobuf:protobuf-kotlin-lite (>=3.17.1 <=3.25.3)
com.google.protobuf:protobuf-kotlin-lite MAVEN version =3.17.1, =1.14.0, =0.2.0, =16.0.0-alpha01, =7.7.1, =7.7.1, =0.2.19, =2.1.23, =0.1.0, =0.3.1, =0.1.1, =0.1.1, =3.23.2, =0.100.0, =0.130.1 and more Source cves: CVE-2024-7254 Source advisory: OSV:GHSA-735F-PC8J-V9W8...
dagster-dbt (>=0.21.7 <=0.21.12), dbt-docs-mcp (=0.0.1) +4 more potentially affected by CVE-2024-36105 via dbt-core (>=1.8.0 <=1.8.0rc2)
dbt-core PYPI version =1.8.0, =0.21.7, =0.5.3, =1.12.1rc1, =1.14.0b6 Source cves: CVE-2024-36105 Source advisory: OSV:GHSA-PMRX-695R-4349...
org.apache.pulsar:pulsar-server-distribution (>=3.0.0 <=3.0.17) potentially affected by CVE-2022-34321 via org.apache.pulsar:pulsar-proxy (>=3.0.0 <=3.0.17)
org.apache.pulsar:pulsar-proxy MAVEN version =3.0.0, =3.0.0, =3.0.17 Source cves: CVE-2022-34321 Source advisory: OSV:GHSA-C35H-W8HJ-MM55...
cc.uncarbon.framework:helio-starter-dubbo (>=2.0.0 <=2.2.0), cn.dev33:sa-token-dubbo3 (>=1.35.0.RC <=1.45.0) +52 more potentially affected by CVE-2023-29234 via org.apache.dubbo:dubbo (>=3.2.0 <=3.2.4)
org.apache.dubbo:dubbo MAVEN version =3.2.0, =2.0.0, =1.35.0.RC, =2023.0.0.0, =2023.0.0.0-beta2, =4.0.5, =4.0.5, =1.2.0, =1.0.0, =1.0.0, =1.0.0, =3.0.2, =3.0.6 - com.mobaijun:loadbalancer-spring-boot-starter =3.0.2 - com.mobaijun:test-spring-boot-starter-example =3.0.3 -...
@codefresh-io/cubejs-backend-server-core (>=0.30.77 <=0.30.83), @cubejs-backend-json-clone/server (=1.0.0) +16 more potentially affected by CVE-2023-50709 via @cubejs-backend/api-gateway (>=0.0.18 <=0.33.65)
@cubejs-backend/api-gateway NPM version =0.0.18, =0.30.77, =0.0.8, =0.0.7, =0.0.24, =0.10.0, =0.10.0, =0.32.28, =0.29.4, =1.0.0, =0.27.30, =0.30.61, =0.32.0, =0.33.8 and more Source cves: CVE-2023-50709 Source advisory: OSV:GHSA-9759-3276-G2PM...
org.apache.james.examples:custom-james-assembly (>=3.7.0 <=3.7.3), org.apache.james.examples:custom-mailets (>=3.6.0 <=3.7.3) +141 more potentially affected by CVE-2023-26269 via org.apache.james:javax-mail-extension (>=3.1.0 <=3.7.3)
org.apache.james:javax-mail-extension MAVEN version =3.1.0, =3.7.0, =3.6.0, =3.7.0, =3.7.0, =3.4.0, =3.4.0, =3.6.0, =3.1.0, =3.1.0, =3.7.0, =3.4.0, =3.1.0, =3.1.0, =3.7.0, =3.7.3 and more Source cves: CVE-2023-26269 Source advisory: OSV:GHSA-W7R6-V4J7-H94Whttps://vulners.com/osv/OSV:GHSA-W7R6-V4J...
com.bstek.ureport:ureport2-console (>=2.0.0 <=2.2.9), com.bstek.ureport:ureport2-font (>=2.0.0 <=2.0.1) +13 more potentially affected by CVE-2023-24187 via com.bstek.ureport:ureport2-core (>=2.0.0 <=2.2.9)
com.bstek.ureport:ureport2-core MAVEN version =2.0.0, =2.0.0, =2.0.0, =1.0.0, =1.0.0, =1.0.0, =1.0.0, =1.5.1, =1.5.1, =0.0.1, =1.1.0, =3.0.4-RELEASE, =2.0, =2.8.0, =4.2.0, =4.10.0 Source cves: CVE-2023-24187 Source advisory: OSV:GHSA-FHJ6-GR87-G4CJ...
a2 (>=0.2.0 <=0.3.6), abc (>=0.1.0 <=0.2.3) +521 more potentially affected by unknown CVE via crossbeam (>=0.1.6 <=0.6.0)
crossbeam CARGO version =0.1.6, =0.2.0, =0.1.0, =0.1.0, =0.0.1, =0.0.1, =0.2.0, =0.5.0, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.1.0, =0.8.0 and more Source cves: unknown CVE Source advisory: OSV:GHSA-8GJ8-HV75-GP94...
ai.ylyue:yue-library-webflux (=j11.2.6.0), ca.gc.cyber.ops:assemblyline-java-client (>=1.7 <=1.8) +544 more potentially affected by CVE-2022-22965 via org.springframework.boot:spring-boot-starter-webflux (>=2.6.0 <=2.6.5)
org.springframework.boot:spring-boot-starter-webflux MAVEN version =2.6.0, =1.7, =3.1.305, =3.1.305, =3.1.305, =3.1.305, =3.1.305, =0.2.2, =1.1.3, =1.1.3, =3.12.0, =5.1.1-jdk1.8, =5.1.1-jdk1.8, =5.1.2-jdk1.8 and more Source cves: CVE-2022-22965 Source advisory: OSV:GHSA-36P3-WJMG-H94X...
arekit (>=0.21.0 <=0.22.1), arenets (>=0.23.0 <=0.23.1) +171 more potentially affected by CVE-2022-23589 via tensorflow-gpu (>=1.10.1 <=2.5.1)
tensorflow-gpu PYPI version =1.10.1, =0.21.0, =0.23.0, =0.9.2, =0.1.0, =0.0.1, =0.0.9, =0.1.0, =0.0.1, =1.0.0, =1.0.3 - brainhance =0.0.1 - cctv-analysis =0.0.2 and more Source cves: CVE-2022-23589 Source advisory: OSV:GHSA-9PX9-73FG-3FQP...
bent (>=0.0.9 <=0.0.80), tensorflow-recommenders-addons-gpu (>=0.3.0 <=0.4.1) potentially affected by CVE-2021-41210 via tensorflow-gpu (=2.5.1)
tensorflow-gpu PYPI version =2.5.1 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-gpu and may be impacted: - bent =0.0.9, =0.3.0, =0.4.1 Source cves: CVE-2021-41210 Source advisory: OSV:GHSA-M342-FF57-4JCC...
aadetools (>=0.0.3 <=0.0.5), aegea (>=2.0.0 <=2.2.5) +119 more potentially affected by CVE-2021-3572 via pip (>=10.0.0b2 <=21.0.1)
pip PYPI version =10.0.0b2, =0.0.3, =2.0.0, =0.1.2, =0.0.1, =5.1.0, =0.0.1, =0.0.0, =0.0.2, =0.1.0, =0.0.0, =0.1.0.dev1, =0.0.1, =0.0.1, =0.2.3 and more Source cves: CVE-2021-3572 Source advisory: OSV:PYSEC-2021-437...
alphapulldown (>=0.21.2 <=0.22.3), analytics-lib (>=0.0.1 <=0.0.2) +52 more potentially affected by CVE-2021-37641 via tensorflow (=2.5.0)
tensorflow PYPI version =2.5.0 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow and may be impacted: - alphapulldown =0.21.2, =0.0.1, =1.1.0, =0.8.1, =3.3.0, =0.0.24, =1.0.0, =2.0.2, =0.6.0, =0.7.0, =1.4.0 - fancyimpute =0.6.0 and more Source...