pypi

5,015 tracked vulnerabilities.

CVE-2022-37394 LOW
OpenStack Nova < 23.2.2, 24.x < 24.1.2, 25.x < 25.0.2 - Authenticated Denial of Service via VNIC Type Change
Aug 03, 2022
CVSS 3.3
EPSS 0.00
CVE-2022-35920 HIGH
sanic <20.12.7 and 22.0.0-22.6.1 - Path Traversal via Encoded %2F URLs
Aug 01, 2022
CVSS 8.3
EPSS 0.01
CVE-2022-35918 MEDIUM
Streamlit 0.63.0-1.11.0 - Path Traversal via Malicious URL
Aug 01, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-31177 LOW
Flask-AppBuilder <4.1.3 - Info Disclosure
Aug 01, 2022
CVSS 2.7
EPSS 0.01
CVE-2022-2589 MEDIUM
fava < 1.22.3 - Reflected Cross-Site Scripting
Aug 01, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-36447 HIGH
Chia Network CAT1 Standard 1.0.0 - Info Disclosure
Jul 29, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-34558 CRITICAL
WMAgent v1.3.3rc2-1.3.3rc1 & reqmgr 2 v1.4.0rc2 - RCE
Jul 28, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-34529 MEDIUM
wasm3 v0.5.0 - Out-of-bounds Read via Compile_Memory_CopyFill
Jul 27, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-33977 HIGH
untangle < 1.2.0 - Denial of Service via XML Entity Expansion
Jul 26, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-31471 HIGH
untangle < 1.2.0 - XML External Entity Injection
Jul 26, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-34749 HIGH
mistune < 2.0.2 - Inefficient Regular Expression Complexity
Jul 25, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-2523 MEDIUM
fava < 1.22.2 - Reflected Cross-Site Scripting
Jul 25, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-2514 MEDIUM
Fava < 1.22 - Reflected Cross-Site Scripting via Time and Filter Parameters
Jul 25, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-24294 HIGH
Apache MXNet < 1.9.1 - Denial of Service via Crafted Operator Name
Jul 24, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-34501 CRITICAL
bin-collection <0.1 - Code Injection
Jul 22, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-34500 CRITICAL
bin-collect < 0.1 - Remote Code Execution via Malicious PyPI Package
Jul 22, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-33891 HIGH KEVNUCLEI
Apache Spark UI - Privilege Escalation
Jul 18, 2022
CVSS 8.8
EPSS 0.93
CVE-2022-31153 MEDIUM
OpenZeppelin Contracts for Cairo <0.2.0 - Info Disclosure
Jul 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-30187 MEDIUM
Azure Storage Library < 12.13.0 - Information Disclosure via Broken Cryptographic Algorithm
Jul 12, 2022
CVSS 4.7
EPSS 0.01
CVE-2022-25303 MEDIUM
whoogle-search < 0.7.2 - Cross-Site Scripting via Query String Parameter
Jul 12, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-31573 CRITICAL
chainer/chainerrl-visualizer <0.1.1 - Path Traversal
Jul 11, 2022
CVSS 9.3
EPSS 0.01
CVE-2022-31558 CRITICAL
Tooxie/Shiva-Server <0.10.0 - Path Traversal
Jul 11, 2022
CVSS 9.3
EPSS 0.01
CVE-2022-31507 CRITICAL
ganga-devs/ganga <8.5.10 - Path Traversal
Jul 11, 2022
CVSS 9.3
EPSS 0.02
CVE-2022-31506 CRITICAL
cmusatyalab/opendiamond <10.1.1 - Path Traversal
Jul 11, 2022
CVSS 9.3
EPSS 0.01
CVE-2022-35411 CRITICAL
rpc.py < 0.6.0 - Unauthenticated Remote Code Execution via Pickle Deserialization
Jul 08, 2022
CVSS 9.8
EPSS 0.46