pypi
4,998 tracked vulnerabilities.
CVE-2024-45230
HIGH
Django 4.2.0-4.2.15, 5.0-5.0.8, 5.1 - Denial of Service via urlize() and urlizetrunc() Template Filters
Oct 08, 2024
CVSS 7.5
EPSS 0.26
CVE-2024-47211
MEDIUM
OpenStack Ironic <21.4.4-24.1.3 - Info Disclosure
Oct 04, 2024
CVSS 5.3
EPSS 0.01
CVE-2024-47529
MEDIUM
OpenC3 COSMOS < 5.19.0 - Cleartext Storage of Sensitive Information in LocalStorage
Oct 02, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-46977
MEDIUM
OpenC3 COSMOS < 5.19.0 - Authenticated Path Traversal via LocalMode open_local_file
Oct 02, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-43795
MEDIUM
OpenC3 COSMOS < 5.19.0 - Reflected Cross-Site Scripting in Login Functionality
Oct 02, 2024
CVSS 6.1
EPSS 0.00
CVE-2024-47532
MEDIUM
RestrictedPython <7.3 - Info Disclosure
Sep 30, 2024
CVSS 6.5
EPSS 0.01
CVE-2024-9277
LOW
Langflow < 1.0.18 - Inefficient Regular Expression Complexity via HTTP POST Request Handler
Sep 27, 2024
CVSS 3.5
EPSS 0.01
CVE-2024-47082
MEDIUM
strawberry-graphql < 0.243.0 - Cross-Site Request Forgery via Multipart File Upload
Sep 25, 2024
CVSS 4.6
EPSS 0.00
CVE-2024-46488
MEDIUM
sqlite-vec 0.1.1 - Heap-based Buffer Overflow via npy_token_next
Sep 25, 2024
CVSS 5.5
EPSS 0.00
CVE-2024-9014
CRITICAL
NUCLEI
pgAdmin < 8.12 - OAuth2 Credential Exposure
Sep 23, 2024
CVSS 9.9
EPSS 0.10
CVE-2024-45793
MEDIUM
Confidant < 6.6.2 - Authenticated Stored Cross-Site Scripting via Credentials and Services Endpoints
Sep 20, 2024
CVSS 4.8
EPSS 0.00
CVE-2024-8375
HIGH
Reverb < 2024-08-05 - Use-After-Free via VARIANT Tensor Unpacking
Sep 19, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-46946
CRITICAL
langchain-experimental 0.1.17-0.3.0 - Remote Code Execution via LLMSymbolicMathChain Sympy Sympify
Sep 19, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-45601
HIGH
Mesop >=0.9.0 <0.12.4 - Unauthorized File Access via Insufficient Input Validation
Sep 18, 2024
CVSS 7.5
EPSS 0.00
CVE-2024-45858
HIGH
Guardrails AI Guardrails <0.5.10 - RCE
Sep 18, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-35515
CRITICAL
sqlitedict <= 2.1.0 - Remote Code Execution via Insecure Deserialization
Sep 18, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-45606
HIGH
Sentry 23.4.0-24.9.0 - Authenticated Authorization Bypass via Alert Rule Mute
Sep 17, 2024
CVSS 7.1
EPSS 0.00
CVE-2024-45605
MEDIUM
Sentry 23.9.0-24.9.0 - Authenticated Authorization Bypass via User Alert Notification Deletion
Sep 17, 2024
CVSS 6.5
EPSS 0.00
CVE-2024-8948
HIGH
MicroPython 1.23.0 - Heap-based Buffer Overflow in mpz_as_bytes
Sep 17, 2024
CVSS 7.3
EPSS 0.01
CVE-2024-8947
MEDIUM
MicroPython 1.22.2 - Use-After-Free in objarray Component
Sep 17, 2024
CVSS 5.6
EPSS 0.01
CVE-2024-8946
HIGH
MicroPython 1.23.0 - Heap-based Buffer Overflow in VFS Unmount Handler
Sep 17, 2024
CVSS 7.3
EPSS 0.01
CVE-2024-8939
MEDIUM
vllm - Denial of Service via Improper Handling of best_of Parameter
Sep 17, 2024
CVSS 6.2
EPSS 0.00
CVE-2024-8768
HIGH
vllm < 0.5.5 - Denial of Service via Empty Prompt
Sep 17, 2024
CVSS 7.5
EPSS 0.01
CVE-2024-5998
HIGH
langchain < 0.2.9 and langchain-community < 0.2.4 - Remote Code Execution via FAISS Deserialization
Sep 17, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-8865
LOW
composio < 0.5.8 - Path Traversal via File Parameter in API Download
Sep 15, 2024
CVSS 3.5
EPSS 0.01
Products
tensorflow 427
tensorflow-gpu 421
tensorflow-cpu 417
Django 147
apache-airflow 128
Plone 96
open-webui 92
mlflow 77
apache-superset 67
salt 67
ansible 66
pillow 52
nova 49
gradio 48
matrix-synapse 44
pyload-ng 44
rdiffweb 43
keystone 40
vllm 40
vyper 39
moin 35
aiohttp 34
opencv-contrib-python 30
opencv-python 30
pypdf 28
PraisonAI 27
pgadmin4 26
langflow 24
openbabel 24
picklescan 23
Quick Filters