pypi

5,010 tracked vulnerabilities.

CVE-2023-24769 MEDIUM
Changedetection.io < 0.40.1.1 - Stored Cross-Site Scripting via URL Parameter in Watch Function
Feb 17, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-0860 HIGH
modoboa installer < 2.0.4 - Improper Restriction of Excessive Authentication Attempts
Feb 16, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-25578 HIGH
Starlite < 1.51.2 - Unauthenticated Denial of Service via Multipart Body Parsing
Feb 15, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-25171 HIGH
Kiwi TCMS < 12.0 - Denial of Service via Password Reset Email Spam
Feb 15, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-25156 HIGH
Kiwi TCMS < 12.0 - Unauthenticated Brute-Force Attack via Login Page
Feb 15, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-24580 HIGH
Django 3.2-3.2.18 - Denial of Service via Multipart Request Parser
Feb 15, 2023
CVSS 7.5
EPSS 0.63
CVE-2023-25577 HIGH
Werkzeug < 2.2.3 - Denial of Service via Multipart Form Data Parsing
Feb 14, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-23934 LOW
Werkzeug < 2.2.3 - Improper Input Validation in Cookie Parsing
Feb 14, 2023
CVSS 2.6
EPSS 0.01
CVE-2023-24816 MEDIUM
IPython < 8.10.0 - OS Command Injection via set_term_title Function
Feb 10, 2023
CVSS 4.5
EPSS 0.01
CVE-2023-0777 CRITICAL NUCLEI
modoboa < 2.0.4 - Authentication Bypass
Feb 10, 2023
CVSS 9.8
EPSS 0.15
CVE-2023-0286 HIGH
OpenSSL 1.0.2-1.0.2zg - Type Confusion in X.400 Address Processing
Feb 08, 2023
CVSS 7.4
EPSS 0.60
CVE-2023-23931 MEDIUM
cryptography 1.8-39.0.0 - Buffer Protocol Violation via Immutable Buffer Mutation
Feb 07, 2023
CVSS 4.8
EPSS 0.01
CVE-2023-23940 MEDIUM
OpenZeppelin Contracts for Cairo - Code Injection
Feb 03, 2023
CVSS 6.4
EPSS 0.00
CVE-2023-23969 HIGH
Django 3.2-3.2.16 4.0-4.0.8 4.1-4.1.5 - Denial of Service via Accept-Language Header Parsing
Feb 01, 2023
CVSS 7.5
EPSS 0.47
CVE-2023-0591 MEDIUM
ubi_reader < 0.8.5 - Path Traversal via Crafted UBIFS Node Names
Jan 31, 2023
CVSS 5.5
EPSS 0.00
CVE-2023-24622 MEDIUM
safeurl-python < 1.2 - Server-Side Request Forgery via isInList Regular Expression
Jan 30, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-0519 MEDIUM
modoboa < 2.0.4 - Stored Cross-Site Scripting
Jan 26, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-0509 HIGH
pyload < 0.5.0b3.dev44 - Improper Certificate Validation
Jan 26, 2023
CVSS 7.4
EPSS 0.01
CVE-2023-0488 MEDIUM
pyload < 0.5.0b3.dev42 - Stored Cross-Site Scripting
Jan 26, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-0470 MEDIUM
modoboa < 2.0.4 - Stored Cross-Site Scripting
Jan 26, 2023
CVSS 5.4
EPSS 0.01
CVE-2023-23611 MEDIUM
xblock-lti-consumer 7.0.0-7.2.1 - Missing Authorization via resource_link_id Field
Jan 26, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-23608 NONE
spotipy < 2.22.1 - Path Traversal via URI Parsing
Jan 26, 2023
EPSS 0.01
CVE-2023-0438 MEDIUM
modoboa < 2.0.4 - Cross-Site Request Forgery
Jan 23, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-0435 CRITICAL
pyload/pyload <0.5.0b3.dev41 - Info Disclosure
Jan 22, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-0434 HIGH
pyload < 0.5.0b3.dev40 - Improper Input Validation
Jan 22, 2023
CVSS 7.5
EPSS 0.01