pypi
5,010 tracked vulnerabilities.
CVE-2023-28370
MEDIUM
Tornado < 6.3.2 - Unauthenticated Open Redirect via Crafted URL
May 25, 2023
CVSS 6.1
EPSS 0.01
CVE-2023-32675
LOW
vyperlang/vyper < 0.3.8 - Incorrect Fund Transfer via Nonpayable Default Function
May 19, 2023
CVSS 3.7
EPSS 0.01
CVE-2023-2800
MEDIUM
huggingface/transformers <4.30.0 - Info Disclosure
May 18, 2023
CVSS 4.7
EPSS 0.00
CVE-2023-2780
CRITICAL
NUCLEI
MLflow < 2.3.1 - Path Traversal via Backslash-Dot-Dot-Slash Sequence
May 17, 2023
CVSS 9.8
EPSS 0.06
CVE-2023-32309
HIGH
PyMdown Extensions 1.5.0-9.9.9 - Arbitrary File Read via Snippets Include Syntax
May 15, 2023
CVSS 7.5
EPSS 0.02
CVE-2023-32758
HIGH
git-url-parse < 1.2.2 - Regular Expression Denial of Service via URL Parsing
May 15, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-32303
MEDIUM
Planet < 2.0.1 - Incorrect Permission Assignment for Critical Resource
May 12, 2023
CVSS 5.2
EPSS 0.00
CVE-2023-32059
HIGH
vyper < 0.3.8 - Incorrect Internal Call Argument Ordering
May 11, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-32058
HIGH
vyper < 0.3.8 - Integer Overflow in Loop Iterator Assignment
May 11, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-31146
HIGH
vyper < 0.3.8 - Out-of-bounds Write via Dynamic Array Assignment
May 11, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-30172
HIGH
MLflow < 2.0.1 - Path Traversal via /get-artifact API Path Parameter
May 11, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-32076
MEDIUM
in-toto < 1.4.0 - Configuration Manipulation via .in_totorc File
May 10, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-31143
MEDIUM
Mage-ai <0.8.72 - Privilege Escalation
May 09, 2023
CVSS 5.9
EPSS 0.01
CVE-2023-30837
HIGH
vyper < 0.3.8 - Memory Allocation with Excessive Size Value
May 08, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-25754
CRITICAL
Apache Airflow <2.6.0 - Privilege Escalation
May 08, 2023
CVSS 9.8
EPSS 0.02
CVE-2023-29247
MEDIUM
Apache Airflow < 2.6.0 - Stored Cross-Site Scripting in Task Instance Details Page
May 08, 2023
CVSS 5.4
EPSS 0.02
CVE-2023-31047
CRITICAL
Django <3.2.19, <4.1.9, <4.2.1 - Auth Bypass
May 07, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-30861
HIGH
Flask < 2.2.5 and 2.3.0-2.3.2 - Session Cookie Exposure via Caching Proxy
May 02, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-32007
HIGH
Apache Spark UI - Privilege Escalation
May 02, 2023
CVSS 8.8
EPSS 0.76
CVE-2023-2356
HIGH
NUCLEI
mlflow/mlflow <2.3.1 - Path Traversal
Apr 28, 2023
CVSS 7.5
EPSS 0.04
CVE-2023-30629
HIGH
vyper 0.3.1-0.3.7 - Always-Incorrect Control Flow Implementation in raw_call
Apr 24, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-30613
HIGH
Kiwi TCMS < 12.2 - Unrestricted Upload of Dangerous File Types
Apr 24, 2023
CVSS 8.1
EPSS 0.01
CVE-2023-30544
LOW
Kiwi TCMS < 12.2 - Unauthenticated Email Address Update via My Profile Admin Page
Apr 24, 2023
CVSS 3.9
EPSS 0.00
CVE-2023-30776
MEDIUM
Apache Superset 1.3.0-2.0.1 - Authenticated Database Password Exposure via REST API
Apr 24, 2023
CVSS 4.9
EPSS 0.02
CVE-2023-27524
HIGH
KEVNUCLEI
Apache Superset Signed Cookie Priv Esc
Apr 24, 2023
CVSS 8.9
EPSS 0.97
Products
tensorflow 427
tensorflow-gpu 421
tensorflow-cpu 417
Django 147
apache-airflow 128
Plone 96
open-webui 87
mlflow 77
apache-superset 67
salt 67
ansible 66
pillow 52
vllm 50
nova 49
gradio 48
matrix-synapse 44
pyload-ng 44
rdiffweb 43
keystone 40
vyper 39
moin 35
aiohttp 34
opencv-contrib-python 30
opencv-python 30
pypdf 28
PraisonAI 27
pgadmin4 26
langflow 24
openbabel 24
picklescan 23
Quick Filters