pypi
5,010 tracked vulnerabilities.
CVE-2022-23530
MEDIUM
GuardDog < 0.1.8 - Arbitrary File Write via Tarball Extraction
Dec 16, 2022
CVSS 5.8
EPSS 0.01
CVE-2022-4527
LOW
collective.task < 3.0.9 - Cross-Site Scripting in AssignedGroupColumn Table Renderer
Dec 15, 2022
CVSS 3.5
EPSS 0.01
CVE-2022-4526
LOW
django-photologue < 3.16 - Cross-Site Scripting in Photo Detail Template Caption
Dec 15, 2022
CVSS 3.5
EPSS 0.01
CVE-2022-4495
LOW
collective.dms.basecontent < 1.7 - Cross-Site Scripting in renderCell Function
Dec 14, 2022
CVSS 3.5
EPSS 0.00
CVE-2022-4223
HIGH
NUCLEI
pgAdmin 4 < 6.17 - Unauthenticated Remote Code Execution via External Utility Path Validation API
Dec 13, 2022
CVSS 8.8
EPSS 0.80
CVE-2022-4314
CRITICAL
ikus060/rdiffweb <2.5.2 - Privilege Escalation
Dec 12, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-4396
LOW
pyrdfa3 < 3.6.2 - Cross-Site Scripting in _get_option Function
Dec 10, 2022
CVSS 3.5
EPSS 0.01
CVE-2022-23485
MEDIUM
Sentry 20.6.0-22.10.0 - Improper Access Control via Invite Link Cookie Manipulation
Dec 10, 2022
CVSS 6.4
EPSS 0.00
CVE-2022-23491
MEDIUM
certifi 2017.11.5-2022.12.7 - Insufficient Verification of Data Authenticity
Dec 07, 2022
CVSS 6.8
EPSS 0.01
CVE-2022-46742
CRITICAL
PaddlePaddle 2.4.0-rc0 - Remote Code Execution via paddle.audio.functional.get_window
Dec 07, 2022
CVSS 10.0
EPSS 0.01
CVE-2022-46741
HIGH
PaddlePaddle <2.4 - Info Disclosure
Dec 07, 2022
CVSS 7.1
EPSS 0.01
CVE-2022-41910
MEDIUM
TensorFlow < 2.8.4 - Out-of-bounds Read in MakeGrapplerFunctionItem
Dec 06, 2022
CVSS 4.8
EPSS 0.00
CVE-2022-41902
HIGH
TensorFlow < 2.8.4 - Out-of-bounds Read in MakeGrapplerFunctionItem
Dec 06, 2022
CVSS 7.1
EPSS 0.00
CVE-2022-44900
CRITICAL
Py7zr < 0.20.1 - Path Traversal
Dec 06, 2022
CVSS 9.1
EPSS 0.02
CVE-2022-23472
MEDIUM
Passeo < 1.0.5 - Use of Cryptographically Weak PRNG
Dec 06, 2022
CVSS 5.9
EPSS 0.01
CVE-2022-24439
HIGH
GitPython <3.1.30 - Remote Code Execution via Malicious Clone URL
Dec 06, 2022
CVSS 8.1
EPSS 0.05
CVE-2022-46147
HIGH
xblock-drag-and-drop-v2 < 3.0.0 - Stored Cross-Site Scripting in XBlock Fields
Nov 28, 2022
CVSS 8.4
EPSS 0.01
CVE-2022-45908
CRITICAL
PaddlePaddle < 2.4 - Remote Code Execution via get_window winstr Parameter
Nov 26, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-45907
CRITICAL
PyTorch < 1.13.1 - Remote Code Execution via Unsafe eval in torch.jit.annotations.parse_type_line
Nov 26, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-41954
LOW
mpxj < 10.14.1 - Insecure Temporary File Permissions on Unix-like Systems
Nov 25, 2022
CVSS 3.3
EPSS 0.00
CVE-2022-2650
CRITICAL
wger-project/wger <2.2 - Info Disclosure
Nov 24, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-3500
MEDIUM
keylime < 6.5.1 - Uncaught Exception Leading to Attestation Bypass
Nov 22, 2022
CVSS 5.1
EPSS 0.00
CVE-2022-41952
MEDIUM
Synapse < 1.53.0 - Resource Exhaustion via URL Preview Media Stream Handling
Nov 22, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-41131
HIGH
Apache Airflow <4.1.0, <2.3.0 - Command Injection
Nov 22, 2022
CVSS 7.8
EPSS 0.02
CVE-2022-40954
MEDIUM
Apache Airflow <4.0.0, <2.3.0 - Command Injection
Nov 22, 2022
CVSS 5.5
EPSS 0.01
Products
tensorflow 427
tensorflow-gpu 421
tensorflow-cpu 417
Django 147
apache-airflow 128
Plone 96
open-webui 87
mlflow 77
apache-superset 67
salt 67
ansible 66
pillow 52
vllm 50
nova 49
gradio 48
matrix-synapse 44
pyload-ng 44
rdiffweb 43
keystone 40
vyper 39
moin 35
aiohttp 34
opencv-contrib-python 30
opencv-python 30
pypdf 28
PraisonAI 27
pgadmin4 26
langflow 24
openbabel 24
picklescan 23
Quick Filters