Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / pypi

pypi

4,718 tracked vulnerabilities.

CVE-2024-46946 CRITICAL

langchain-experimental 0.1.17-0.3.0 - Remote Code Execution via LLMSymbolicMathChain Sympy Sympify

CVE-2024-45601 HIGH

Mesop >=0.9.0 <0.12.4 - Unauthorized File Access via Insufficient Input Validation

CVE-2024-45858 HIGH

Guardrails AI Guardrails <0.5.10 - RCE

CVE-2024-35515 CRITICAL

sqlitedict <= 2.1.0 - Remote Code Execution via Insecure Deserialization

CVE-2024-45606 HIGH

Sentry 23.4.0-24.9.0 - Authenticated Authorization Bypass via Alert Rule Mute

CVE-2024-45605 MEDIUM

Sentry 23.9.0-24.9.0 - Authenticated Authorization Bypass via User Alert Notification Deletion

CVE-2024-8948 HIGH

MicroPython 1.23.0 - Heap-based Buffer Overflow in mpz_as_bytes

CVE-2024-8947 MEDIUM

MicroPython 1.22.2 - Use-After-Free in objarray Component

CVE-2024-8946 HIGH

MicroPython 1.23.0 - Heap-based Buffer Overflow in VFS Unmount Handler

CVE-2024-8939 MEDIUM

vllm - Denial of Service via Improper Handling of best_of Parameter

CVE-2024-8768 HIGH

vllm < 0.5.5 - Denial of Service via Empty Prompt

CVE-2024-5998 HIGH

langchain < 0.2.9 and langchain-community < 0.2.4 - Remote Code Execution via FAISS Deserialization

CVE-2024-8865 LOW

composio < 0.5.8 - Path Traversal via File Parameter in API Download

CVE-2024-8864 MEDIUM

composio < 0.5.6 - Code Injection in Calculator Function

CVE-2024-8863 LOW

aimstack aim < 3.24.0 - Stored Cross-Site Scripting in Text Explorer via dangerouslySetInnerHTML

CVE-2024-8862 HIGH

h2oai h2o-3 3.46.0.4 - Unauthenticated Remote Code Execution via JDBC Connection Handler Deserialization

CVE-2024-8775 MEDIUM

ansible-core >=2.17.0b1 <2.17.6 - Sensitive Information Exposure in Log Files via Vault Variable Handling

CVE-2024-6587 HIGH NUCLEI

litellm 1.38.10 - Server-Side Request Forgery via api_base Parameter

CVE-2024-45857 HIGH

Cleanlab >= 2.4.0 - Remote Code Execution via Malicious datalab.pkl File

CVE-2024-45856 CRITICAL

MindsDB - Stored Cross-Site Scripting in ML Engine Enumeration

CVE-2024-45855 HIGH

MindsDB >= 23.10.2.0 - Remote Code Execution via Malicious Inhouse Model Deserialization

CVE-2024-45854 HIGH

MindsDB >= 23.10.3.0 - Remote Code Execution via Malicious Inhouse Model Deserialization

CVE-2024-45853 HIGH

MindsDB >= 23.10.2.0 - Remote Code Execution via Malicious Inhouse Model Deserialization

CVE-2024-45852 HIGH

MindsDB >= 23.3.2.0 - Remote Code Execution via Untrusted Model Deserialization

CVE-2024-45851 HIGH

MindsDB 23.10.5.0-24.7.4.1 - Remote Code Execution via SharePoint INSERT Query

Previous Page 63 of 189 Next

Products

tensorflow 427 tensorflow-gpu 421 tensorflow-cpu 417 Django 147 apache-airflow 111 Plone 96 open-webui 86 mlflow 70 apache-superset 67 salt 67 ansible 66 pillow 52 nova 48 gradio 46 rdiffweb 43 matrix-synapse 42 pyload-ng 41 vyper 39 vllm 38 keystone 36 moin 35 aiohttp 33 opencv-contrib-python 30 opencv-python 30 PraisonAI 27 pgadmin4 26 pypdf 24 glance 22 langflow 22 ethyca-fides 21

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy