pypi
4,718 tracked vulnerabilities.
CVE-2024-45850
HIGH
MindsDB 23.10.5.0-24.7.4.1 - Remote Code Execution via SharePoint Integration INSERT Query
Sep 12, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-45849
HIGH
MindsDB 23.10.5.0-24.7.4.1 - Remote Code Execution via SharePoint INSERT Query
Sep 12, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-45848
HIGH
MindsDB 23.12.4.0-24.7.4.1 - Remote Code Execution via ChromaDB INSERT Query
Sep 12, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-45847
HIGH
MindsDB 23.11.4.2-24.7.4.1 - Remote Code Execution via UPDATE Query Eval Injection
Sep 12, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-45846
HIGH
MindsDB 23.10.3.0-24.7.4.1 - Remote Code Execution via Weaviate SELECT WHERE Clause
Sep 12, 2024
CVSS 8.8
EPSS 0.00
CVE-2024-27321
HIGH
Refuel Autolabel >= 0.0.8 - Remote Code Execution via Malicious CSV File in Multilabel Classification Task
Sep 12, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-27320
HIGH
Refuel Autolabel >= 0.0.8 - Remote Code Execution via Malicious CSV File
Sep 12, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-6091
CRITICAL
agpt autogpt_classic - OS Command Injection via Denylist Bypass
Sep 11, 2024
CVSS 9.8
EPSS 0.00
CVE-2024-45595
MEDIUM
d-tale < 3.14.1 - Remote Code Execution via Custom Filter Input
Sep 10, 2024
CVSS 6.1
EPSS 0.02
CVE-2024-45498
HIGH
Apache Airflow <2.10.0 - Command Injection
Sep 07, 2024
CVSS 8.8
EPSS 0.02
CVE-2024-45034
HIGH
Apache Airflow <2.10.1 - Code Injection
Sep 07, 2024
CVSS 8.8
EPSS 0.03
CVE-2024-45758
CRITICAL
H2O < 3.46.0.4 - Unauthenticated Remote Code Execution via JDBC Connection URL Injection
Sep 06, 2024
CVSS 9.1
EPSS 0.00
CVE-2024-24759
CRITICAL
NUCLEI
MindsDB -DNS Rebinding SSRF Protection Bypass
Sep 05, 2024
CVSS 9.3
EPSS 0.83
CVE-2024-45399
MEDIUM
Indico < 3.3.4 - Cross-Site Scripting via Account Creation Next URL Parameter
Sep 04, 2024
CVSS 4.3
EPSS 0.01
CVE-2024-45314
LOW
Flask-AppBuilder <4.5.1 - Info Disclosure
Sep 04, 2024
CVSS 3.6
EPSS 0.00
CVE-2024-45053
CRITICAL
Fides 2.19.0-2.44.0 - Authenticated Remote Code Execution via Email Template Injection
Sep 04, 2024
CVSS 9.1
EPSS 0.02
CVE-2024-45052
MEDIUM
Fides < 2.44.0 - Unauthenticated Timing-Based Username Enumeration via Authentication Response
Sep 04, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-43805
HIGH
JupyterLab < 3.6.8 and Notebook 7.0.0-7.2.2 - Cross-Site Scripting via Malicious Markdown Cell
Aug 28, 2024
CVSS 7.6
EPSS 0.00
CVE-2024-42818
MEDIUM
fastapi-admin pro 0.1.4 - Stored Cross-Site Scripting via Config-Create Product Name Parameter
Aug 26, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-42816
MEDIUM
fastapi-admin pro 0.1.4 - Stored Cross-Site Scripting via Product Name Parameter
Aug 26, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-45190
MEDIUM
Mage AI - Path Traversal via Pipeline Interaction Request
Aug 23, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-45189
MEDIUM
Mage AI - Path Traversal and Arbitrary File Read via Git Content Request
Aug 23, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-45188
MEDIUM
Mage AI - Path Traversal in File Content Request
Aug 23, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-45187
HIGH
Mage AI - Unauthenticated Remote Code Execution via Deleted User Privilege Escalation
Aug 23, 2024
CVSS 7.1
EPSS 0.00
CVE-2024-8113
MEDIUM
pretix < 2024.7.0 - Stored Cross-Site Scripting in Organizer and Event Settings
Aug 23, 2024
CVSS 5.4
EPSS 0.00
Products
tensorflow 427
tensorflow-gpu 421
tensorflow-cpu 417
Django 147
apache-airflow 111
Plone 96
open-webui 86
mlflow 70
apache-superset 67
salt 67
ansible 66
pillow 52
nova 48
gradio 46
rdiffweb 43
matrix-synapse 42
pyload-ng 41
vyper 39
vllm 38
keystone 36
moin 35
aiohttp 33
opencv-contrib-python 30
opencv-python 30
PraisonAI 27
pgadmin4 26
pypdf 24
glance 22
langflow 22
ethyca-fides 21
Quick Filters