pypi
5,010 tracked vulnerabilities.
CVE-2023-35798
MEDIUM
Apache Airflow ODBC Provider < 4.0.0 and MSSQL Provider < 3.4.1 - Improper Input Validation in get_sqlalchemy_connection
Jun 27, 2023
CVSS 4.3
EPSS 0.01
CVE-2023-34395
HIGH
Apache Airflow ODBC Provider < 4.0.0 - Command Injection via ODBC Driver Parameters
Jun 27, 2023
CVSS 7.8
EPSS 0.01
CVE-2023-35932
HIGH
jcvi < 1.3.5 - Configuration Injection
Jun 23, 2023
CVSS 7.1
EPSS 0.02
CVE-2023-34110
LOW
Flask-AppBuilder <4.3.2 - Info Disclosure
Jun 22, 2023
CVSS 2.7
EPSS 0.01
CVE-2023-34541
CRITICAL
Langchain <0.0.171 - Code Injection
Jun 20, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-35005
MEDIUM
Apache Airflow 2.5.0-2.6.1 - Exposure of Sensitive Information via Configuration UI
Jun 19, 2023
CVSS 6.5
EPSS 0.02
CVE-2023-34540
CRITICAL
langchain < 0.0.225 - Remote Code Execution via JiraAPIWrapper
Jun 14, 2023
CVSS 9.8
EPSS 0.02
CVE-2023-32732
MEDIUM
gRPC < 1.53.0 - Denial of Service via Base64 Encoding Error in -bin Headers
Jun 09, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-32731
HIGH
gRPC 1.53.0-1.54.3 - HPACK Table Desynchronization via Header Size Exceeded Error
Jun 09, 2023
CVSS 7.4
EPSS 0.01
CVE-2023-1428
HIGH
grpc 1.51.0-1.52.4 - Reachable Assertion via Malformed HTTP/2 Headers
Jun 09, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-34233
HIGH
Snowflake Connector for Python < 3.0.2 - Remote Code Execution via SSO Browser URL Authentication
Jun 08, 2023
CVSS 8.8
EPSS 0.02
CVE-2023-34239
HIGH
Gradio < 3.34.0 - Path Traversal and Server-Side Request Forgery
Jun 08, 2023
CVSS 7.3
EPSS 0.01
CVE-2023-33977
HIGH
Kiwi TCMS < 12.4 - Stored Cross-Site Scripting via File Upload Bypass
Jun 06, 2023
CVSS 8.1
EPSS 0.01
CVE-2023-32683
LOW
Synapse < 1.85.0 - Server-Side Request Forgery via URL Preview Bypass
Jun 06, 2023
CVSS 3.5
EPSS 0.01
CVE-2023-32682
MEDIUM
Synapse < 1.85.0 - Improper Authentication via Uncommon Configuration
Jun 06, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-33733
HIGH
reportlab < 3.6.12 - Remote Code Execution via Crafted PDF File
Jun 05, 2023
CVSS 7.8
EPSS 0.02
CVE-2023-29159
HIGH
Starlette 0.13.5-0.26.9 - Unauthenticated Path Traversal
Jun 01, 2023
CVSS 7.5
EPSS 0.02
CVE-2023-33234
HIGH
Apache Airflow CNCF Kubernetes Provider <5.0.0 - RCE
May 30, 2023
CVSS 7.2
EPSS 0.02
CVE-2023-2970
LOW
MindSpore 2.0.0-alpha/2.0.0-rc1 - Memory Corruption in JsonHelper::UpdateArray
May 30, 2023
CVSS 3.5
EPSS 0.01
CVE-2023-33175
CRITICAL
toui 2.0.1-2.4.0 - Unauthenticated Remote Code Execution via Flask-Caching SimpleCache
May 30, 2023
CVSS 9.1
EPSS 0.01
CVE-2023-32686
HIGH
Kiwi TCMS < 12.3 - Unrestricted Upload of Dangerous File Types
May 27, 2023
CVSS 8.1
EPSS 0.00
CVE-2023-32321
CRITICAL
CKAN 2.9.0-2.9.8 - Remote Code Execution via ResourceUploader Arbitrary File Write
May 26, 2023
CVSS 9.8
EPSS 0.02
CVE-2023-33185
MEDIUM
django-ses < 3.5.0 - Improper Verification of Cryptographic Signature in SESEventWebhookView
May 26, 2023
CVSS 4.6
EPSS 0.00
CVE-2023-32681
MEDIUM
Requests 2.3.0-2.31.0 - Proxy-Authorization Header Leak via HTTPS Redirect
May 26, 2023
CVSS 6.1
EPSS 0.03
CVE-2023-32323
MEDIUM
Synapse <= 1.73 - Denial of Service via Oversized invite_room_state Field
May 26, 2023
CVSS 5.0
EPSS 0.01
Products
tensorflow 427
tensorflow-gpu 421
tensorflow-cpu 417
Django 147
apache-airflow 128
Plone 96
open-webui 87
mlflow 77
apache-superset 67
salt 67
ansible 66
pillow 52
vllm 50
nova 49
gradio 48
matrix-synapse 44
pyload-ng 44
rdiffweb 43
keystone 40
vyper 39
moin 35
aiohttp 34
opencv-contrib-python 30
opencv-python 30
pypdf 28
PraisonAI 27
pgadmin4 26
langflow 24
openbabel 24
picklescan 23
Quick Filters