pypi
5,009 tracked vulnerabilities.
CVE-2023-40273
HIGH
Apache Airflow < 2.7.0 - Authenticated Session Fixation via Password Reset
Aug 23, 2023
CVSS 8.0
EPSS 0.01
CVE-2023-39441
MEDIUM
Apache Airflow < 2.7.0 - Improper Certificate Validation
Aug 23, 2023
CVSS 5.9
EPSS 0.01
CVE-2023-37379
HIGH
Apache Airflow < 2.7.0 - Authenticated Denial of Service via Connection Test Feature
Aug 23, 2023
CVSS 8.1
EPSS 0.01
CVE-2023-36281
CRITICAL
langchain < 0.0.312 - Remote Code Execution via load_prompt JSON File
Aug 22, 2023
CVSS 9.8
EPSS 0.03
CVE-2023-39660
CRITICAL
pandasai < 0.8.0 - Remote Code Execution via Prompt Function
Aug 21, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-40272
HIGH
Apache Airflow Spark Provider < 4.1.3 - Arbitrary File Read via Connection Parameters
Aug 17, 2023
CVSS 7.5
EPSS 0.02
CVE-2023-39662
CRITICAL
llamaindex < 0.7.13 - Remote Code Execution via PandasQueryEngine exec Parameter
Aug 15, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-39661
CRITICAL
pandasai < 0.9.1 - Remote Code Execution via _is_jailbreak Function
Aug 15, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-39659
CRITICAL
langchain < 0.0.232 - Remote Code Execution via PythonAstREPLTool._run
Aug 15, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-38896
CRITICAL
Harrison Chase langchain <0.0.194 - RCE
Aug 15, 2023
CVSS 9.8
EPSS 0.02
CVE-2023-38860
CRITICAL
LangChain < 0.0.247 - Remote Code Execution via Prompt Parameter
Aug 15, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-40024
MEDIUM
scancode.io < 32.5.2 - Cross-Site Scripting in License Details View
Aug 14, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-39553
HIGH
Apache Airflow Drill Provider < 2.4.3 - Unauthenticated Arbitrary File Read via DrillHook Connection Parameters
Aug 11, 2023
CVSS 7.5
EPSS 0.02
CVE-2023-40267
CRITICAL
GitPython <3.1.32 - Info Disclosure
Aug 11, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-27506
MEDIUM
Intel Optimization for TensorFlow < 2.12 - Authenticated Privilege Escalation via Improper Buffer Restrictions
Aug 11, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-39531
MEDIUM
Sentry 10.0.0-23.7.1 - Improper Authentication during OAuth Token Exchange
Aug 09, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-33953
HIGH
gRPC < 1.53.2 - Denial of Service via HPACK Parser Memory and CPU Exhaustion
Aug 09, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-38759
HIGH
wger Project wger Workout Manager 2.2.0a3 - CSRF
Aug 08, 2023
CVSS 8.8
EPSS 0.00
CVE-2023-38758
MEDIUM
wger Project wger Workout Manager <2.2.0a3 - XSS
Aug 08, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-39523
MEDIUM
ScanCode.io < 32.5.1 - Authenticated Command Injection via Docker Reference Parameter
Aug 07, 2023
CVSS 6.8
EPSS 0.02
CVE-2023-39363
MEDIUM
vyper 0.2.15-0.3.0 - Incorrect Authorization via Named Re-entrancy Lock Allocation
Aug 07, 2023
CVSS 5.9
EPSS 0.01
CVE-2023-39349
HIGH
Sentry 22.1.0-23.7.1 - Authenticated Token Scope Escalation via API Token Query
Aug 07, 2023
CVSS 8.1
EPSS 0.01
CVE-2023-39508
HIGH
Apache Airflow < 2.6.0 - Authenticated Privilege Escalation and DAG Access Bypass via Run Task Feature
Aug 05, 2023
CVSS 8.8
EPSS 0.02
CVE-2023-36095
CRITICAL
Harrison Chase langchain <0.0.194 - RCE
Aug 05, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-38699
CRITICAL
MindsDB's AI Virtual Database <23.7.4.0 - Info Disclosure
Aug 04, 2023
CVSS 9.1
EPSS 0.00
Products
tensorflow 427
tensorflow-gpu 421
tensorflow-cpu 417
Django 147
apache-airflow 128
Plone 96
open-webui 87
mlflow 77
apache-superset 67
salt 67
ansible 66
pillow 52
vllm 50
nova 49
gradio 48
matrix-synapse 44
pyload-ng 44
rdiffweb 43
keystone 40
vyper 39
moin 35
aiohttp 34
opencv-contrib-python 30
opencv-python 30
pypdf 28
PraisonAI 27
pgadmin4 26
langflow 24
openbabel 24
picklescan 23
Quick Filters