pypi

5,009 tracked vulnerabilities.

CVE-2023-38686 CRITICAL
Sydent < 2.5.6 - Improper Certificate Validation in SMTP TLS
Aug 04, 2023
CVSS 9.3
EPSS 0.00
CVE-2023-4138 MEDIUM
rdiffweb < 2.8.0 - Denial of Service via Resource Exhaustion
Aug 03, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-4033 HIGH
mlflow/mlflow <2.6.0 - Command Injection
Aug 01, 2023
CVSS 7.8
EPSS 0.01
CVE-2023-38673 CRITICAL
PaddlePaddle <2.5.0 - Command Injection
Jul 26, 2023
CVSS 9.6
EPSS 0.02
CVE-2023-38672 MEDIUM
PaddlePaddle <2.5.0 - Memory Corruption
Jul 26, 2023
CVSS 4.7
EPSS 0.01
CVE-2023-38671 HIGH
PaddlePaddle <2.5.0 - Buffer Overflow
Jul 26, 2023
CVSS 8.3
EPSS 0.01
CVE-2023-38670 MEDIUM
PaddlePaddle <2.5.0 - Use After Free
Jul 26, 2023
CVSS 4.7
EPSS 0.01
CVE-2023-38669 HIGH
PaddlePaddle <2.5.0 - Use After Free
Jul 26, 2023
CVSS 8.3
EPSS 0.01
CVE-2023-38501 MEDIUM NUCLEI
copyparty < 1.8.7 - Reflected Cross-Site Scripting via URL Parameters
Jul 25, 2023
CVSS 6.3
EPSS 0.06
CVE-2023-37920 HIGH
certifi >=2015.4.28 <2023.7.22 - Insufficient Verification of Data Authenticity
Jul 25, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-37902 MEDIUM
vyper < 0.3.10 - Unchecked Return Value in ecrecover Precompile
Jul 25, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-36826 HIGH
Sentry 8.21.0-23.5.2 - Authenticated Improper Authorization via Debug/Artifact Bundle Download
Jul 25, 2023
CVSS 7.7
EPSS 0.01
CVE-2023-3637 MEDIUM
Red Hat OpenStack Platform - Authenticated Denial of Service via Security Group Query
Jul 25, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-38200 HIGH
Keylime < 7.4.0 - Denial of Service via SSL Connection Exhaustion
Jul 24, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-37901 MEDIUM
Indico < 3.2.6 - Stored Cross-Site Scripting in Confirmation Prompts
Jul 21, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-37276 MEDIUM
aiohttp < 3.8.5 - HTTP Request Smuggling via llhttp Parser
Jul 19, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-3674 LOW
keylime < 7.2.5 - Insufficient Attestation Verification via TPM Quote Signature Validation
Jul 19, 2023
CVSS 2.3
EPSS 0.00
CVE-2023-3765 CRITICAL NUCLEI
MLflow < 2.5.0 - Absolute Path Traversal
Jul 19, 2023
CVSS 10.0
EPSS 0.71
CVE-2023-37481 LOW
Fides 2.11.0-2.15.1 - Authenticated Denial of Service via SVG Bomb in Zip Upload
Jul 18, 2023
CVSS 2.7
EPSS 0.01
CVE-2023-37480 LOW
Fides 2.11.0-2.15.1 - Authenticated Denial of Service via Malicious Zip Bomb Upload
Jul 18, 2023
CVSS 2.7
EPSS 0.01
CVE-2023-38325 HIGH
Cryptography <41.0.2 - Info Disclosure
Jul 14, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-37474 HIGH NUCLEI
copyparty < 1.8.2 - Path Traversal via .cpr Subfolder
Jul 14, 2023
CVSS 7.5
EPSS 0.45
CVE-2023-37415 HIGH
Apache Airflow Apache Hive Provider < 6.1.2 - OS Command Injection via Proxy User Option
Jul 13, 2023
CVSS 8.8
EPSS 0.02
CVE-2023-36543 MEDIUM
Apache Airflow < 2.6.3 - Authenticated Denial of Service via Inefficient Regular Expression
Jul 12, 2023
CVSS 6.5
EPSS 0.02
CVE-2023-35908 MEDIUM
Apache Airflow <2.6.3 - Info Disclosure
Jul 12, 2023
CVSS 6.5
EPSS 0.01