pypi
5,009 tracked vulnerabilities.
CVE-2023-32672
MEDIUM
Apache Superset <= 2.1.0 - Authenticated Incorrect Authorization in SQLLab
Sep 06, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-39264
MEDIUM
Apache Superset <= 2.1.0 - Sensitive Information Exposure via REST API Error Stack Traces
Sep 06, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-36388
MEDIUM
Apache Superset <= 2.1.0 - Authenticated Server-Side Request Forgery via Network Connection Test
Sep 06, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-36387
MEDIUM
Apache Superset <2.1.0 - Info Disclosure
Sep 06, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-27526
MEDIUM
Apache Superset <= 2.1.0 - Authenticated Incorrect Authorization via Import Charts Feature
Sep 06, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-27523
MEDIUM
Apache Superset <= 2.1.0 - Authenticated Improper Data Authorization in Jinja Templated Queries
Sep 06, 2023
CVSS 5.0
EPSS 0.01
CVE-2023-20898
MEDIUM
Salt <3005.2-3006.2 - Info Disclosure
Sep 05, 2023
CVSS 4.2
EPSS 0.00
CVE-2023-20897
MEDIUM
SaltStack Salt < 3005.2 - Denial of Service via Minion Return Request Handling
Sep 05, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-41057
MEDIUM
hyper-bump-it < 0.5.1 - Path Traversal via Unchecked File Glob Pattern
Sep 04, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-41052
LOW
vyperlang/vyper < 0.3.9 and pypi/vyper < 0.3.10rc1 - Always-Incorrect Control Flow Implementation in Builtin Functions
Sep 04, 2023
CVSS 3.7
EPSS 0.00
CVE-2023-40015
LOW
vyperlang/vyper < 0.3.9 - Always-Incorrect Control Flow Implementation
Sep 04, 2023
CVSS 3.7
EPSS 0.00
CVE-2023-39631
CRITICAL
langchain - Remote Code Execution via Numexpr Evaluate Function
Sep 01, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-41040
MEDIUM
GitPython < 3.1.37 - Path Traversal via Unsanitized Reference File Path
Aug 30, 2023
CVSS 4.0
EPSS 0.01
CVE-2023-41039
HIGH
RestrictedPython < 5.4 - Information Disclosure via Format String Injection
Aug 30, 2023
CVSS 8.3
EPSS 0.01
CVE-2023-36811
MEDIUM
borgbackup < 1.2.5 - Cryptographic Signature Spoofing via Archive Forgery
Aug 30, 2023
CVSS 4.7
EPSS 0.00
CVE-2023-40889
CRITICAL
ZBar 0.23.90 - Heap-Based Buffer Overflow in QR Code Reader
Aug 29, 2023
CVSS 9.8
EPSS 0.02
CVE-2023-40170
MEDIUM
jupyter_server < 2.7.2 - Improper Access Control in Files Endpoint
Aug 28, 2023
CVSS 4.6
EPSS 0.01
CVE-2023-39968
MEDIUM
jupyter_server < 2.7.2 - Open Redirect via Malicious Login Links
Aug 28, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-40590
HIGH
GitPython < 3.1.32 - Untrusted Search Path via Git Executable Resolution
Aug 28, 2023
CVSS 7.8
EPSS 0.00
CVE-2023-40195
HIGH
Apache Airflow Spark Provider < 4.1.3 - Authenticated Remote Code Execution via Malicious Spark Server
Aug 28, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-27604
HIGH
Apache Airflow Sqoop Provider < 4.0.0 - Authenticated Remote Code Execution via Sqoop Import Connection Parameters
Aug 28, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-40587
MEDIUM
Pyramid 2.0.0-2.0.1 - Path Traversal via Static View Index File Disclosure
Aug 25, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-38201
MEDIUM
Keylime < 7.5.0 - Authorization Bypass via Challenge-Response Protocol
Aug 25, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-40570
MEDIUM
Datasette 1.0a0-1.0a3 - Unauthenticated Sensitive Information Exposure via API Explorer Endpoint
Aug 25, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-40017
HIGH
GeoNode 3.2.0-4.1.2 - Server-Side Request Forgery via Proxy Endpoint
Aug 24, 2023
CVSS 7.5
EPSS 0.01
Products
tensorflow 427
tensorflow-gpu 421
tensorflow-cpu 417
Django 147
apache-airflow 128
Plone 96
open-webui 87
mlflow 77
apache-superset 67
salt 67
ansible 66
pillow 52
vllm 50
nova 49
gradio 48
matrix-synapse 44
pyload-ng 44
rdiffweb 43
keystone 40
vyper 39
moin 35
aiohttp 34
opencv-contrib-python 30
opencv-python 30
pypdf 28
PraisonAI 27
pgadmin4 26
langflow 24
openbabel 24
picklescan 23
Quick Filters