pypi

4,708 tracked vulnerabilities.

CVE-2024-9056 HIGH
BentoML v1.3.4post1 - Unauthenticated Denial of Service via Multipart Boundary Processing
Mar 20, 2025
CVSS 7.5
EPSS 0.00
CVE-2024-9053 CRITICAL
vllm 0.6.0 - Remote Code Execution via Unsafe Cloudpickle Deserialization
Mar 20, 2025
CVSS 9.8
EPSS 0.10
CVE-2024-8984 HIGH
litellm < 1.65.4 - Unauthenticated Denial of Service via Multipart Boundary Processing
Mar 20, 2025
CVSS 7.5
EPSS 0.01
CVE-2024-8966 HIGH
gradio/video 0.10.2 - Denial of Service via Multipart Boundary Processing
Mar 20, 2025
CVSS 7.5
EPSS 0.00
CVE-2024-8955 HIGH
Composio 0.4.4 BrowserTool Actions - Server-Side Request Forgery File Read
Mar 20, 2025
CVSS 7.5
EPSS 0.00
CVE-2024-8953 CRITICAL
composio < 0.5.43 - Remote Code Execution via Mathematical Calculator Endpoint
Mar 20, 2025
CVSS 9.8
EPSS 0.00
CVE-2024-8952 HIGH
Composio 0.4.2 WEBTOOL_SCRAPE_WEBSITE_CONTENT - Server-Side Request Forgery
Mar 20, 2025
CVSS 7.5
EPSS 0.00
CVE-2024-8859 HIGH NUCLEI
MLflow 2.15.1 - Path Traversal and Arbitrary File Read via DBFS Service URL Handling
Mar 20, 2025
CVSS 7.5
EPSS 0.26
CVE-2024-8769 CRITICAL
aimhubio/aim <bb76afe - Path Traversal
Mar 20, 2025
CVSS 9.1
EPSS 0.01
CVE-2024-8616 HIGH
h2o 3.46.0 - Arbitrary File Overwrite via mexport.dir Parameter
Mar 20, 2025
CVSS 8.2
EPSS 0.00
CVE-2024-8556 MEDIUM
modelscope/agentscope - Stored Cross-Site Scripting in Run Information View
Mar 20, 2025
CVSS 6.1
EPSS 0.00
CVE-2024-8551 CRITICAL
modelscope/agentscope < - Path Traversal
Mar 20, 2025
CVSS 9.1
EPSS 0.00
CVE-2024-8537 CRITICAL
modelscope/agentscope - Path Traversal
Mar 20, 2025
CVSS 9.1
EPSS 0.01
CVE-2024-8524 HIGH
modelscope/agentscope <0.0.4 - Path Traversal
Mar 20, 2025
CVSS 7.5
EPSS 0.01
CVE-2024-8502 CRITICAL
modelscope/agentscope <0.0.6a3 - RCE
Mar 20, 2025
CVSS 9.8
EPSS 0.01
CVE-2024-8501 HIGH
modelscope/agentscope <0.0.4 - Info Disclosure
Mar 20, 2025
CVSS 8.8
EPSS 0.01
CVE-2024-8487 CRITICAL
modelscope/agentscope <0.0.4 - CSRF
Mar 20, 2025
CVSS 9.8
EPSS 0.00
CVE-2024-8438 HIGH
modelscope/agentscope <0.0.4 - Path Traversal
Mar 20, 2025
CVSS 7.5
EPSS 0.00
CVE-2024-8238 HIGH
Aim < 3.22.0 AimQL str.format_map - RestrictedPython Code Execution
Mar 20, 2025
CVSS 8.1
EPSS 0.00
CVE-2024-8183 HIGH
Prefect < 3.0.3 - Origin Validation Error in CORS Configuration
Mar 20, 2025
CVSS 7.6
EPSS 0.00
CVE-2024-8062 HIGH
h2o 3.46.0 - Denial of Service via Typeahead Endpoint HEAD Request
Mar 20, 2025
CVSS 7.5
EPSS 0.00
CVE-2024-8061 HIGH
aim 3.23.0 - Denial of Service via Timeout-Free External Resource Access
Mar 20, 2025
CVSS 7.5
EPSS 0.00
CVE-2024-8060 HIGH
OpenWebUI < 0.5.17 - Authenticated Path Traversal and Arbitrary File Write via Audio API Endpoint
Mar 20, 2025
CVSS 8.1
EPSS 0.02
CVE-2024-8053 HIGH
open-webui/open-webui <0.3.10 - DoS
Mar 20, 2025
CVSS 8.2
EPSS 0.01
CVE-2024-8021 MEDIUM NUCLEI
gradio - Open Redirect via URL Encoding
Mar 20, 2025
CVSS 6.1
EPSS 0.02
Products
tensorflow 427 tensorflow-gpu 421 tensorflow-cpu 417 Django 147 apache-airflow 111 Plone 96 open-webui 86 mlflow 70 apache-superset 67 salt 67 ansible 66 pillow 52 nova 48 gradio 46 rdiffweb 43 matrix-synapse 42 pyload-ng 41 vyper 39 vllm 38 keystone 36 moin 35 aiohttp 33 opencv-contrib-python 30 opencv-python 30 PraisonAI 27 pgadmin4 26 pypdf 24 glance 22 langflow 22 ethyca-fides 21
Quick Filters
Critical CVEs With Exploits In CISA KEV