pypi

5,009 tracked vulnerabilities.

CVE-2023-40581 HIGH
yt-dlp 2021.04.11-2023.09.24 - OS Command Injection via --exec Output Template Expansion
Sep 25, 2023
CVSS 8.3
EPSS 0.01
CVE-2023-41419 CRITICAL
Gevent <23.9.0 - Privilege Escalation
Sep 25, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-1636 MEDIUM
OpenStack Barbican - Privilege Escalation
Sep 24, 2023
CVSS 6.0
EPSS 0.00
CVE-2023-1633 MEDIUM
OpenStack Barbican - Info Disclosure
Sep 24, 2023
CVSS 6.6
EPSS 0.00
CVE-2023-1625 HIGH
OpenStack Heat - Authenticated Information Disclosure via Stack Show Command
Sep 24, 2023
CVSS 7.4
EPSS 0.01
CVE-2023-5002 MEDIUM
pgAdmin 4 < 7.7 - Authenticated OS Command Injection via External Utility Path Validation
Sep 22, 2023
CVSS 6.0
EPSS 0.01
CVE-2023-42261 HIGH
Mobile Security Framework <= 3.7.8 Beta - Insecure Default Permissions
Sep 21, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-42458 LOW
Zope < 4.8.10 - Stored Cross-Site Scripting via SVG Image Upload
Sep 21, 2023
CVSS 3.7
EPSS 0.01
CVE-2023-42457 HIGH
plone.rest 2.0.0a1-2.0.0 - Denial of Service via Repeated ++api++ Traverser
Sep 21, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-41048 LOW
plone.namedfile < 5.6.1 - Stored Cross-Site Scripting via SVG Image Scales
Sep 21, 2023
CVSS 3.7
EPSS 0.00
CVE-2023-42443 HIGH
vyperlang/vyper < 0.3.10 - Out-of-bounds Write in raw_call, create_from_blueprint, and create_copy_of Builtins
Sep 18, 2023
CVSS 8.1
EPSS 0.01
CVE-2023-42441 MEDIUM
vyper 0.2.9-0.3.9 - Improper Locking in Nonreentrant Decorator
Sep 18, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-41626 MEDIUM
Gradio 3.27.0 - Arbitrary File Upload via Upload Interface
Sep 15, 2023
CVSS 4.8
EPSS 0.00
CVE-2023-42439 HIGH
GeoNode 3.2.0-4.1.3 - Server-Side Request Forgery via Whitelist Bypass
Sep 15, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-41267 HIGH
Apache Airflow HDFS Provider <4.1.1 - Info Disclosure
Sep 14, 2023
CVSS 7.8
EPSS 0.00
CVE-2023-4785 HIGH
gRPC 1.23.0-1.53.1 - Denial of Service via TCP Connection Flood
Sep 13, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-41885 MEDIUM
piccolo < 0.121.0 - User Enumeration via BaseUser.login
Sep 12, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-4863 HIGH KEV
Google Chrome <116.0.5845.187 - Buffer Overflow
Sep 12, 2023
CVSS 8.8
EPSS 1.00
CVE-2023-40712 MEDIUM
Apache Airflow <2.7.1 - Info Disclosure
Sep 12, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-40611 MEDIUM
Apache Airflow <2.7.1 - Privilege Escalation
Sep 12, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-41329 LOW
WireMock - DNS Rebinding Attack via Proxy Mode Network Restrictions
Sep 06, 2023
CVSS 3.9
EPSS 0.01
CVE-2023-41319 HIGH
Fides 2.11.0-2.19.0 - Authenticated Remote Code Execution via Custom Connector Function Sandbox Bypass
Sep 06, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-41050 MEDIUM
AccessControl < 4.4 - Exposure of Sensitive Information via str.format_map
Sep 06, 2023
CVSS 6.8
EPSS 0.01
CVE-2023-39265 LOW
Apache Superset <= 2.1.0 - SQLite Database Connection Manipulation via Alternative Driver Names
Sep 06, 2023
CVSS 3.8
EPSS 0.84
CVE-2023-37941 MEDIUM
Apache Superset 1.5.0-2.1.0 - Remote Code Execution via Metadata Database Deserialization
Sep 06, 2023
CVSS 6.6
EPSS 0.29