pypi
5,010 tracked vulnerabilities.
CVE-2022-41880
MEDIUM
TensorFlow < 2.8.4, 2.9.0-2.9.2, 2.10.0 - Heap Out-of-Bounds Read in BaseCandidateSamplerOp
Nov 18, 2022
CVSS 6.8
EPSS 0.00
CVE-2022-41883
MEDIUM
TensorFlow 2.8.0-2.10.0 - Out-of-bounds Read in Dynamic Stitch Op
Nov 18, 2022
CVSS 6.8
EPSS 0.00
CVE-2022-43171
MEDIUM
LIEF < 0.12.3 - Denial of Service via Crafted MachO File
Nov 17, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-4018
MEDIUM
GitHub rdiffweb <2.5.0a6 - Info Disclosure
Nov 16, 2022
CVSS 4.3
EPSS 0.01
CVE-2022-45402
MEDIUM
Apache Airflow < 2.4.3 - Open Redirect via Login Endpoint
Nov 15, 2022
CVSS 6.1
EPSS 0.82
CVE-2022-3362
CRITICAL
GitHub rdiffweb <2.5.0 - Info Disclosure
Nov 14, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-40127
HIGH
NUCLEI
Apache Airflow < 2.4.0 - Authenticated Remote Code Execution via Run ID Parameter
Nov 14, 2022
CVSS 8.8
EPSS 0.86
CVE-2022-27949
HIGH
Apache Airflow < 2.3.1 - Unauthenticated Exposure of Sensitive Information in Task Template Rendering
Nov 14, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-45199
HIGH
Pillow < 9.3.0 - Denial of Service via SAMPLESPERPIXEL
Nov 14, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-45198
HIGH
Pillow < 9.2.0 - Denial of Service via Highly Compressed GIF Data
Nov 14, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-41905
HIGH
wsgidav 3.0.0-4.0.9 - Cross-Site Scripting via Directory Browsing
Nov 11, 2022
CVSS 8.2
EPSS 0.00
CVE-2022-41892
HIGH
Arches < 6.1.1, 6.1.2-6.2.1, 7.1.2 - SQL Injection
Nov 11, 2022
CVSS 8.6
EPSS 0.01
CVE-2022-44244
MEDIUM
Lin-CMS <0.2.1 - Privilege Escalation
Nov 09, 2022
CVSS 6.6
EPSS 0.01
CVE-2022-42966
MEDIUM
cleo < 2.0.0 - Regular Expression Denial of Service via Table.set_rows Method
Nov 09, 2022
CVSS 5.9
EPSS 0.01
CVE-2022-42965
LOW
snowflake-connector-python < 2.8.2 - Regular Expression Denial of Service via get_file_transfer_type
Nov 09, 2022
CVSS 3.7
EPSS 0.01
CVE-2022-42964
MEDIUM
pymatgen - Denial of Service via GaussianInput.from_string ReDoS
Nov 09, 2022
CVSS 5.9
EPSS 0.01
CVE-2022-33684
HIGH
Apache Pulsar C++ Client - Man-in-the-Middle
Nov 04, 2022
CVSS 8.1
EPSS 0.01
CVE-2022-43985
MEDIUM
Apache Airflow <2.4.2 - Open Redirect
Nov 02, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-43982
MEDIUM
Apache Airflow < 2.4.2 - Stored Cross-Site Scripting via Trigger DAG Origin Query Argument
Nov 02, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-31777
MEDIUM
Apache Spark < 3.2.2 - Stored Cross-Site Scripting via Log Rendering
Nov 01, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-44020
MEDIUM
OpenStack Sushy-Tools <0.21.0-VirtualBMC <2.2.2 - Info Disclosure
Oct 30, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-39366
CRITICAL
DataHub < 0.8.45 - Authentication Bypass via Missing JWT Signature Verification
Oct 28, 2022
CVSS 9.9
EPSS 0.01
CVE-2022-3697
HIGH
Ansible amazon.aws Collection - Sensitive Information Exposure via tower_callback Parameter
Oct 28, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-3363
CRITICAL
ikus060/rdiffweb <2.5.0a7 - Info Disclosure
Oct 26, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-39348
MEDIUM
Twisted 0.9.4-22.10.0rc1 - Cross-Site Scripting via Host Header in NameVirtualHost
Oct 26, 2022
CVSS 5.4
EPSS 0.01
Products
tensorflow 427
tensorflow-gpu 421
tensorflow-cpu 417
Django 147
apache-airflow 128
Plone 96
open-webui 87
mlflow 77
apache-superset 67
salt 67
ansible 66
pillow 52
vllm 50
nova 49
gradio 48
matrix-synapse 44
pyload-ng 44
rdiffweb 43
keystone 40
vyper 39
moin 35
aiohttp 34
opencv-contrib-python 30
opencv-python 30
pypdf 28
PraisonAI 27
pgadmin4 26
langflow 24
openbabel 24
picklescan 23
Quick Filters