pypi

5,010 tracked vulnerabilities.

CVE-2022-40896 MEDIUM
pygments < 2.15.0 - Denial of Service via SmithyLexer ReDoS
Jul 19, 2023
CVSS 5.5
EPSS 0.01
CVE-2022-46651 MEDIUM
Apache Airflow <2.6.3 - Info Disclosure
Jul 12, 2023
CVSS 6.5
EPSS 0.01
CVE-2022-39374 MEDIUM
Synapse 1.62.0-1.67.9 - Denial of Service via Malicious Homeserver State Manipulation
May 26, 2023
CVSS 6.5
EPSS 0.01
CVE-2022-39335 MEDIUM
Synapse <= 1.68.0 - Missing Authorization in Federation API
May 26, 2023
CVSS 5.0
EPSS 0.01
CVE-2022-2525 CRITICAL
GitHub janeczku/calibre-web <0.6.20 - Auth Bypass
Apr 15, 2023
CVSS 9.8
EPSS 0.01
CVE-2022-38072 MEDIUM
ADMesh Master Commit <767a105-0.98.4 - Buffer Overflow
Apr 03, 2023
CVSS 6.5
EPSS 0.01
CVE-2022-4899 HIGH
zstd <1.4.10 - Buffer Overflow
Mar 31, 2023
CVSS 7.5
EPSS 0.02
CVE-2022-23522 HIGH
mindsdb < 22.11.4.3 - Path Traversal via TarSlip in shutil.unpack_archive
Mar 30, 2023
CVSS 8.5
EPSS 0.01
CVE-2022-3146 MEDIUM
tripleo-ansible - Unauthenticated Sensitive Information Exposure via Insecure File Permissions
Mar 23, 2023
CVSS 5.5
EPSS 0.00
CVE-2022-3101 MEDIUM
tripleo-ansible - Information Disclosure via Insecure File Permissions
Mar 23, 2023
CVSS 5.5
EPSS 0.00
CVE-2022-4134 LOW
openstack-glance - Privilege Escalation
Mar 06, 2023
CVSS 2.8
EPSS 0.00
CVE-2022-3277 MEDIUM
openstack-neutron < 18.6.0 and >=19.0.0.0rc1 <19.5.0 - Authenticated Denial of Service via Security Group Query
Mar 06, 2023
CVSS 6.5
EPSS 0.01
CVE-2022-39228 MEDIUM
vantage6 3.3.3-3.7.9 - User Enumeration via Login Response Timing
Mar 01, 2023
CVSS 5.3
EPSS 0.01
CVE-2022-0637 MEDIUM
pollbot < 1.4.6 - Open Redirect
Feb 16, 2023
CVSS 6.1
EPSS 0.00
CVE-2022-47419 MEDIUM
Mayan EDMS < 4.3.6 - Stored Cross-Site Scripting in Tagging System
Feb 07, 2023
CVSS 5.4
EPSS 0.01
CVE-2022-45786 HIGH
Apache AGE < 1.1.0 - SQL Injection via Cypher Function Parameterization Bypass
Feb 04, 2023
CVSS 8.1
EPSS 0.01
CVE-2022-47951 MEDIUM
OpenStack Cinder/Glance/Nova Path Traversal via VMDK Image Backing File Reference
Jan 26, 2023
CVSS 5.7
EPSS 0.01
CVE-2022-4510 HIGH
binwalk 2.1.2b-2.3.3 - Path Traversal and Remote Code Execution via Malicious PFS Filesystem
Jan 26, 2023
CVSS 7.8
EPSS 0.22
CVE-2022-25882 HIGH
ONNX < 1.13.0 - Path Traversal via Tensor Proto External Data Field
Jan 26, 2023
CVSS 7.5
EPSS 0.02
CVE-2022-47950 MEDIUM
OpenStack Swift <2.28.1-2.30.0 - Info Disclosure
Jan 18, 2023
CVSS 6.5
EPSS 0.01
CVE-2022-45438 MEDIUM
Apache Superset <=1.5.2 and 2.0.0 - Unauthenticated Exposure of Dashboard Metadata via REST API
Jan 16, 2023
CVSS 5.3
EPSS 0.01
CVE-2022-43721 MEDIUM
Apache Superset <2.0.0 - Open Redirect
Jan 16, 2023
CVSS 5.4
EPSS 0.01
CVE-2022-43720 MEDIUM
Apache Superset < 1.5.2 and 2.0.0 - Authenticated Cross-Site Scripting via Toast Message
Jan 16, 2023
CVSS 5.4
EPSS 0.01
CVE-2022-43719 HIGH
Apache Superset < 1.5.2 and 2.0.0 - Cross-Site Request Forgery
Jan 16, 2023
CVSS 8.8
EPSS 0.01
CVE-2022-43718 MEDIUM
Apache Superset <=1.5.2 and 2.0.0 - Authenticated Cross-Site Scripting in Upload Data Forms
Jan 16, 2023
CVSS 5.4
EPSS 0.01