pypi
4,993 tracked vulnerabilities.
CVE-2024-45857
HIGH
Cleanlab >= 2.4.0 - Remote Code Execution via Malicious datalab.pkl File
Sep 12, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-45856
CRITICAL
MindsDB - Stored Cross-Site Scripting in ML Engine Enumeration
Sep 12, 2024
CVSS 9.0
EPSS 0.00
CVE-2024-45855
HIGH
MindsDB >= 23.10.2.0 - Remote Code Execution via Malicious Inhouse Model Deserialization
Sep 12, 2024
CVSS 7.1
EPSS 0.00
CVE-2024-45854
HIGH
MindsDB >= 23.10.3.0 - Remote Code Execution via Malicious Inhouse Model Deserialization
Sep 12, 2024
CVSS 7.1
EPSS 0.00
CVE-2024-45853
HIGH
MindsDB >= 23.10.2.0 - Remote Code Execution via Malicious Inhouse Model Deserialization
Sep 12, 2024
CVSS 7.1
EPSS 0.00
CVE-2024-45852
HIGH
MindsDB >= 23.3.2.0 - Remote Code Execution via Untrusted Model Deserialization
Sep 12, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-45851
HIGH
MindsDB 23.10.5.0-24.7.4.1 - Remote Code Execution via SharePoint INSERT Query
Sep 12, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-45850
HIGH
MindsDB 23.10.5.0-24.7.4.1 - Remote Code Execution via SharePoint Integration INSERT Query
Sep 12, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-45849
HIGH
MindsDB 23.10.5.0-24.7.4.1 - Remote Code Execution via SharePoint INSERT Query
Sep 12, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-45848
HIGH
MindsDB 23.12.4.0-24.7.4.1 - Remote Code Execution via ChromaDB INSERT Query
Sep 12, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-45847
HIGH
MindsDB 23.11.4.2-24.7.4.1 - Remote Code Execution via UPDATE Query Eval Injection
Sep 12, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-45846
HIGH
MindsDB 23.10.3.0-24.7.4.1 - Remote Code Execution via Weaviate SELECT WHERE Clause
Sep 12, 2024
CVSS 8.8
EPSS 0.02
CVE-2024-27321
HIGH
Refuel Autolabel >= 0.0.8 - Remote Code Execution via Malicious CSV File in Multilabel Classification Task
Sep 12, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-27320
HIGH
Refuel Autolabel >= 0.0.8 - Remote Code Execution via Malicious CSV File
Sep 12, 2024
CVSS 7.8
EPSS 0.00
CVE-2024-6091
CRITICAL
agpt autogpt_classic - OS Command Injection via Denylist Bypass
Sep 11, 2024
CVSS 9.8
EPSS 0.01
CVE-2024-45595
MEDIUM
d-tale < 3.14.1 - Remote Code Execution via Custom Filter Input
Sep 10, 2024
CVSS 6.1
EPSS 0.01
CVE-2024-45498
HIGH
Apache Airflow <2.10.0 - Command Injection
Sep 07, 2024
CVSS 8.8
EPSS 0.01
CVE-2024-45034
HIGH
Apache Airflow <2.10.1 - Code Injection
Sep 07, 2024
CVSS 8.8
EPSS 0.02
CVE-2024-45758
CRITICAL
H2O < 3.46.0.4 - Unauthenticated Remote Code Execution via JDBC Connection URL Injection
Sep 06, 2024
CVSS 9.1
EPSS 0.01
CVE-2024-24759
CRITICAL
NUCLEI
MindsDB -DNS Rebinding SSRF Protection Bypass
Sep 05, 2024
CVSS 9.3
EPSS 0.05
CVE-2024-45399
MEDIUM
Indico < 3.3.4 - Cross-Site Scripting via Account Creation Next URL Parameter
Sep 04, 2024
CVSS 4.3
EPSS 0.00
CVE-2024-45314
LOW
Flask-AppBuilder <4.5.1 - Info Disclosure
Sep 04, 2024
CVSS 3.6
EPSS 0.00
CVE-2024-45053
CRITICAL
Fides 2.19.0-2.44.0 - Authenticated Remote Code Execution via Email Template Injection
Sep 04, 2024
CVSS 9.1
EPSS 0.01
CVE-2024-45052
MEDIUM
Fides < 2.44.0 - Unauthenticated Timing-Based Username Enumeration via Authentication Response
Sep 04, 2024
CVSS 5.3
EPSS 0.01
CVE-2024-43805
HIGH
JupyterLab < 3.6.8 and Notebook 7.0.0-7.2.2 - Cross-Site Scripting via Malicious Markdown Cell
Aug 28, 2024
CVSS 7.6
EPSS 0.00
Products
tensorflow 427
tensorflow-gpu 421
tensorflow-cpu 417
Django 147
apache-airflow 128
Plone 96
open-webui 87
mlflow 77
apache-superset 67
salt 67
ansible 66
pillow 52
nova 49
gradio 48
matrix-synapse 44
pyload-ng 44
rdiffweb 43
keystone 40
vllm 40
vyper 39
moin 35
aiohttp 34
opencv-contrib-python 30
opencv-python 30
pypdf 28
PraisonAI 27
pgadmin4 26
langflow 24
openbabel 24
picklescan 23
Quick Filters