pypi
5,015 tracked vulnerabilities.
CVE-2022-37394
LOW
OpenStack Nova < 23.2.2, 24.x < 24.1.2, 25.x < 25.0.2 - Authenticated Denial of Service via VNIC Type Change
Aug 03, 2022
CVSS 3.3
EPSS 0.00
CVE-2022-35920
HIGH
sanic <20.12.7 and 22.0.0-22.6.1 - Path Traversal via Encoded %2F URLs
Aug 01, 2022
CVSS 8.3
EPSS 0.01
CVE-2022-35918
MEDIUM
Streamlit 0.63.0-1.11.0 - Path Traversal via Malicious URL
Aug 01, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-31177
LOW
Flask-AppBuilder <4.1.3 - Info Disclosure
Aug 01, 2022
CVSS 2.7
EPSS 0.01
CVE-2022-2589
MEDIUM
fava < 1.22.3 - Reflected Cross-Site Scripting
Aug 01, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-36447
HIGH
Chia Network CAT1 Standard 1.0.0 - Info Disclosure
Jul 29, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-34558
CRITICAL
WMAgent v1.3.3rc2-1.3.3rc1 & reqmgr 2 v1.4.0rc2 - RCE
Jul 28, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-34529
MEDIUM
wasm3 v0.5.0 - Out-of-bounds Read via Compile_Memory_CopyFill
Jul 27, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-33977
HIGH
untangle < 1.2.0 - Denial of Service via XML Entity Expansion
Jul 26, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-31471
HIGH
untangle < 1.2.0 - XML External Entity Injection
Jul 26, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-34749
HIGH
mistune < 2.0.2 - Inefficient Regular Expression Complexity
Jul 25, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-2523
MEDIUM
fava < 1.22.2 - Reflected Cross-Site Scripting
Jul 25, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-2514
MEDIUM
Fava < 1.22 - Reflected Cross-Site Scripting via Time and Filter Parameters
Jul 25, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-24294
HIGH
Apache MXNet < 1.9.1 - Denial of Service via Crafted Operator Name
Jul 24, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-34501
CRITICAL
bin-collection <0.1 - Code Injection
Jul 22, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-34500
CRITICAL
bin-collect < 0.1 - Remote Code Execution via Malicious PyPI Package
Jul 22, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-33891
HIGH
KEVNUCLEI
Apache Spark UI - Privilege Escalation
Jul 18, 2022
CVSS 8.8
EPSS 0.93
CVE-2022-31153
MEDIUM
OpenZeppelin Contracts for Cairo <0.2.0 - Info Disclosure
Jul 15, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-30187
MEDIUM
Azure Storage Library < 12.13.0 - Information Disclosure via Broken Cryptographic Algorithm
Jul 12, 2022
CVSS 4.7
EPSS 0.01
CVE-2022-25303
MEDIUM
whoogle-search < 0.7.2 - Cross-Site Scripting via Query String Parameter
Jul 12, 2022
CVSS 5.4
EPSS 0.01
CVE-2022-31573
CRITICAL
chainer/chainerrl-visualizer <0.1.1 - Path Traversal
Jul 11, 2022
CVSS 9.3
EPSS 0.01
CVE-2022-31558
CRITICAL
Tooxie/Shiva-Server <0.10.0 - Path Traversal
Jul 11, 2022
CVSS 9.3
EPSS 0.01
CVE-2022-31507
CRITICAL
ganga-devs/ganga <8.5.10 - Path Traversal
Jul 11, 2022
CVSS 9.3
EPSS 0.02
CVE-2022-31506
CRITICAL
cmusatyalab/opendiamond <10.1.1 - Path Traversal
Jul 11, 2022
CVSS 9.3
EPSS 0.01
CVE-2022-35411
CRITICAL
rpc.py < 0.6.0 - Unauthenticated Remote Code Execution via Pickle Deserialization
Jul 08, 2022
CVSS 9.8
EPSS 0.46
Products
tensorflow 427
tensorflow-gpu 421
tensorflow-cpu 417
Django 147
apache-airflow 128
Plone 96
open-webui 87
mlflow 77
apache-superset 67
salt 67
ansible 66
pillow 52
vllm 50
nova 49
gradio 48
matrix-synapse 44
pyload-ng 44
rdiffweb 43
keystone 40
vyper 39
moin 35
aiohttp 34
opencv-contrib-python 30
opencv-python 30
pypdf 28
PraisonAI 27
pgadmin4 26
langflow 24
openbabel 24
litellm 23
Quick Filters