pypi
5,010 tracked vulnerabilities.
CVE-2023-1176
LOW
MLflow < 2.2.2 - Absolute Path Traversal
Mar 24, 2023
CVSS 3.3
EPSS 0.01
CVE-2023-28117
HIGH
Sentry SDK < 1.14.0 - Sensitive Cookie Value Leak via Django Integration
Mar 22, 2023
CVSS 7.6
EPSS 0.01
CVE-2023-27586
CRITICAL
CairoSVG < 2.7.0 - Server-Side Request Forgery via External Host Requests
Mar 20, 2023
CVSS 9.9
EPSS 0.01
CVE-2023-27494
MEDIUM
Streamlit 0.63.0-0.80.0 - Reflected Cross-Site Scripting via Malicious URL
Mar 16, 2023
CVSS 5.9
EPSS 0.00
CVE-2023-25695
MEDIUM
Apache Airflow < 2.5.2 - Sensitive Information Exposure via Error Message
Mar 15, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-25617
CRITICAL
SAP Business Objects BI Platform 4.2/4.3 - Authenticated RCE via Program Object
Mar 14, 2023
CVSS 9.0
EPSS 0.01
CVE-2023-27476
HIGH
OWSLib < 0.28.1 - XML External Entity Injection via Unsafe XML Parser
Mar 08, 2023
CVSS 8.2
EPSS 0.01
CVE-2023-27522
HIGH
Apache HTTP Server 2.4.30-2.4.55 - HTTP Response Smuggling via mod_proxy_uwsgi Origin Response Header
Mar 07, 2023
CVSS 7.5
EPSS 0.02
CVE-2023-27891
HIGH
pretix < 4.17.1 - Insufficient Session Expiration
Mar 06, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-22432
MEDIUM
NUCLEI
web2py < 2.23.1 - Open Redirect via Crafted URL
Mar 06, 2023
CVSS 6.1
EPSS 0.02
CVE-2023-23929
HIGH
vantage6 < 3.8.0 - Insufficient Session Expiration
Mar 04, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-26052
LOW
Saleor 2.0.0-3.1.47 - Unauthenticated Sensitive Information Exposure via Error Messages
Mar 02, 2023
CVSS 3.7
EPSS 0.01
CVE-2023-26051
MEDIUM
Saleor 2.0.0-3.1.47 - Authenticated Sensitive Information Exposure via Error Messages
Mar 02, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-22738
MEDIUM
vantage6 <3.8.0 - Privilege Escalation
Mar 01, 2023
CVSS 6.3
EPSS 0.00
CVE-2023-26043
MEDIUM
GeoNode < 4.0.3 - XML External Entity Injection via Style Upload
Feb 27, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-25956
HIGH
Apache Airflow AWS Provider < 7.2.1 - Sensitive Information Exposure via Error Message
Feb 24, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-25696
CRITICAL
Apache Airflow Hive Provider < 5.1.3 - Improper Input Validation
Feb 24, 2023
CVSS 9.8
EPSS 0.02
CVE-2023-25693
CRITICAL
Apache Airflow Sqoop Provider < 3.1.1 - Improper Input Validation
Feb 24, 2023
CVSS 9.8
EPSS 0.02
CVE-2023-25692
HIGH
Apache Airflow Google Provider < 8.10.0 - Improper Input Validation
Feb 24, 2023
CVSS 7.5
EPSS 0.02
CVE-2023-25691
CRITICAL
Apache Airflow Google Provider < 8.10.0 - Improper Input Validation
Feb 24, 2023
CVSS 9.8
EPSS 0.02
CVE-2023-25823
MEDIUM
Gradio < 3.13.1 - Use of Hard-coded Credentials via Share Link SSH Key Exposure
Feb 23, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-26303
LOW
markdown-it-py < 2.2.0 - Denial of Service via Null Assertion Bypass
Feb 23, 2023
CVSS 3.3
EPSS 0.00
CVE-2023-26302
LOW
markdown-it-py < 2.2.0 - Denial of Service via Invalid UTF-8 Input
Feb 22, 2023
CVSS 3.3
EPSS 0.00
CVE-2023-0949
MEDIUM
modoboa < 2.0.5 - Reflected Cross-Site Scripting
Feb 22, 2023
CVSS 4.8
EPSS 0.00
CVE-2023-25657
HIGH
Nautobot < 1.5.7 - Remote Code Execution via Jinja2 Template Rendering
Feb 21, 2023
CVSS 7.5
EPSS 0.02
Products
tensorflow 427
tensorflow-gpu 421
tensorflow-cpu 417
Django 147
apache-airflow 128
Plone 96
open-webui 87
mlflow 77
apache-superset 67
salt 67
ansible 66
pillow 52
vllm 50
nova 49
gradio 48
matrix-synapse 44
pyload-ng 44
rdiffweb 43
keystone 40
vyper 39
moin 35
aiohttp 34
opencv-contrib-python 30
opencv-python 30
pypdf 28
PraisonAI 27
pgadmin4 26
langflow 24
openbabel 24
picklescan 23
Quick Filters