pypi
4,998 tracked vulnerabilities.
CVE-2024-27528
HIGH
wasm3 139076a - Out-of-bounds Read
Nov 08, 2024
CVSS 8.4
EPSS 0.00
CVE-2024-50378
MEDIUM
Apache Airflow < 2.10.3 - Authenticated Sensitive Information Exposure in Audit Logs
Nov 08, 2024
CVSS 4.9
EPSS 0.01
CVE-2024-51998
HIGH
changedetection.io - Info Disclosure
Nov 08, 2024
CVSS 8.6
EPSS 0.01
CVE-2024-51751
MEDIUM
Gradio 5.0.0-5.4.9 - Path Traversal via File or UploadButton Component
Nov 06, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-10082
HIGH
CodeChecker <6.24.1 - Privilege Escalation
Nov 06, 2024
CVSS 8.7
EPSS 0.00
CVE-2024-10081
CRITICAL
NUCLEI
CodeChecker <= 6.24.1 - Authentication Bypass via API URL Ending with Authentication
Nov 06, 2024
CVSS 10.0
EPSS 0.39
CVE-2024-9902
MEDIUM
ansible-core < 2.14.18rc1 - Unauthenticated Arbitrary File Write via User Module
Nov 06, 2024
CVSS 6.3
EPSS 0.00
CVE-2024-51493
MEDIUM
OctoPrint <= 1.10.2 - Unverified Password Change via Stolen API Key
Nov 05, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-49377
MEDIUM
OctoPrint <= 1.10.2 - Reflected Cross-Site Scripting in Login and Application Key Dialogs
Nov 05, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-51734
HIGH
Zope AccessControl <7.2 - Info Disclosure
Nov 04, 2024
EPSS 0.00
CVE-2024-48061
CRITICAL
langflow <=1.0.18 - Remote Code Execution via Unsafe Component Code Execution
Nov 04, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-48052
MEDIUM
gradio < 4.42.0 - Server-Side Request Forgery via DownloadButton URL Parameter
Nov 04, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-48050
CRITICAL
agentscope < 0.0.4 - Remote Code Execution via is_callable_expression eval
Nov 04, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-51483
MEDIUM
NUCLEI
changedetection.io < 0.47.5 - Path Traversal via WebDriver File URL
Nov 01, 2024
EPSS 0.02
CVE-2024-42835
CRITICAL
langflow v1.0.12 - Remote Code Execution via PythonCodeTool Component
Oct 31, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-49769
HIGH
Waitress < 3.0.1 - Denial of Service via Connection Cleanup Race Condition
Oct 29, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-49768
CRITICAL
Waitress 2.0.0-3.0.0 - Time-of-check Time-of-use Race Condition via HTTP Pipelining
Oct 29, 2024
CVSS 9.1
EPSS 0.00
CVE-2024-8309
CRITICAL
langchain-ai/langchain <0.2.5 - SQL Injection
Oct 29, 2024
CVSS 9.8
EPSS 0.14
CVE-2024-6581
CRITICAL
Lollms v9.9 - Cross-Site Scripting via SVG Upload in Discussion Image Function
Oct 29, 2024
CVSS 9.0
EPSS 0.01
CVE-2024-39205
CRITICAL
pyload-ng v0.5.0b3.dev85 - Remote Code Execution via Crafted HTTP Request
Oct 28, 2024
CVSS 9.8
EPSS 0.17
CVE-2024-49771
MEDIUM
MPXJ 8.3.5-13.5.0 - Path Traversal
Oct 28, 2024
CVSS 5.3
EPSS 0.00
CVE-2024-47821
CRITICAL
pyload < 0.5.0b3.dev87 - Remote Code Execution via Script Folder Download
Oct 25, 2024
CVSS 9.1
EPSS 0.01
CVE-2024-49767
HIGH
Werkzeug <3.0.6 - DoS
Oct 25, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-49766
MEDIUM
Werkzeug < 3.0.6 - Path Traversal on Windows via UNC Path Handling
Oct 25, 2024
CVSS 5.3
EPSS 0.01
CVE-2024-49750
MEDIUM
Snowflake Connector for Python <3.12.3 - Info Disclosure
Oct 24, 2024
CVSS 5.5
EPSS 0.00
Products
tensorflow 427
tensorflow-gpu 421
tensorflow-cpu 417
Django 147
apache-airflow 128
Plone 96
open-webui 92
mlflow 77
apache-superset 67
salt 67
ansible 66
pillow 52
nova 49
gradio 48
matrix-synapse 44
pyload-ng 44
rdiffweb 43
keystone 40
vllm 40
vyper 39
moin 35
aiohttp 34
opencv-contrib-python 30
opencv-python 30
pypdf 28
PraisonAI 27
pgadmin4 26
langflow 24
openbabel 24
picklescan 23
Quick Filters